control.kt365.vn Open in urlscan Pro
2606:4700:3032::ac43:de84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://control.kt365.vn/
Submission: On November 30 via api (November 30th 2023, 10:51:23 am UTC) from US — Scanned from US

Summary HTTP 119 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 14 domains to perform 119 HTTP transactions. The main IP is 2606:4700:3032::ac43:de84, located in United States and belongs to CLOUDFLARENET, US. The main domain is control.kt365.vn.
TLS certificate: Issued by E1 on November 12th 2023. Valid for: 3 months.

This is the only time control.kt365.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3032::ac43:de84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
22	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1 2	3.223.113.34 3.223.113.34	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.65.230 142.250.65.230	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:816::2006	15169 (GOOGLE) (GOOGLE)
1 2	34.209.39.106 34.209.39.106	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
6 8	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
1	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:247... 2600:9000:247b:f000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f13:800... 2600:1f13:800:7782:b16c:a2b7:3125:e914	16509 (AMAZON-02) (AMAZON-02)
1	23.46.225.71 23.46.225.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:ae80:145... 2606:ae80:1451:17::1400	25751 (VALUECLICK) (VALUECLICK)
119	20

5 2606:4700:3032::ac43:de84 (United States)

ASN13335 (CLOUDFLARENET, US)

control.kt365.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.223.113.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-113-34.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:816::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.209.39.106 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-39-106.us-west-2.compute.amazonaws.com

citizensbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.35.162 (Queens, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.161.208 (Brooklyn, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:247b:f000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7782:b16c:a2b7:3125:e914 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.46.225.71 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-225-71.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:ae80:1451:17::1400 (United States)

ASN25751 (VALUECLICK, US)

tpt.mediaplex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	552 KB
24	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840	186 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	277 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	108 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	4 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
6	gstatic.com www.gstatic.com	41 KB
5	kt365.vn control.kt365.vn	38 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	demdex.net 1 redirects citizensbank.demdex.net — Cisco Umbrella Rank: 51742	1 KB
1	mediaplex.com tpt.mediaplex.com — Cisco Umbrella Rank: 5881	323 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	599 B
119	14

	Domain	Requested by
28	pagead2.googlesyndication.com	control.kt365.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com fw.adsafeprotected.com s0.2mdn.net www.googletagservices.com
22	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net control.kt365.vn tpc.googlesyndication.com s0.2mdn.net
12	s0.2mdn.net	googleads.g.doubleclick.net control.kt365.vn s0.2mdn.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com control.kt365.vn googleads.g.doubleclick.net
8	dt.adsafeprotected.com	googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	control.kt365.vn	control.kt365.vn
4	ad.doubleclick.net	control.kt365.vn
4	www.googletagservices.com	googleads.g.doubleclick.net control.kt365.vn
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	citizensbank.demdex.net	1 redirects googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects control.kt365.vn
1	tpt.mediaplex.com	googleads.g.doubleclick.net
1	stags.bluekai.com	googleads.g.doubleclick.net
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	googleads.g.doubleclick.net
119	20

This site contains links to these domains. Also see Links.

Domain
generatepress.com

Subject Issuer	Validity	Valid
kt365.vn E1	`2023-11-12` - `2024-02-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.mediaplex.com GlobalSign RSA OV SSL CA 2018	`2023-03-16` - `2024-04-16`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://control.kt365.vn/
Frame ID: 375EF22019C0658761B0A8CD2F55E05D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Frame ID: AA14D630B64679BE2E2488AC6C4970AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5195111790972465&output=html&adk=1812271804&adf=3025194257&lmt=1701341476&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fcontrol.kt365.vn%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701341476315&bpp=4&bdt=215&idt=187&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1891809645389&frm=20&pv=2&ga_vid=917184070.1701341477&ga_sid=1701341477&ga_hid=1124298957&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3859106931910365&tmod=1597319002&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: 60FC892A7F522EFE1BB98601FDC5069C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 547EDB9FE531852831D42C88D8D15614
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BEF68390C482CF88881FB1CCE2BA143D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7CAB3B8A8F33EB31310D4199DB1BD420
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 64D4A9ACED0299C676D0B44C665EF1CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARjnysbbATAB&v=APEucNUIZFttioUrwQdPdVr0OWOc0bKQ43x22OLWI9l_Ct_teEaJy61npMWk4mXp6XYzkTxM3CmYoI8F83DBZXT0nNug4A0cfg
Frame ID: 393CCE71C7A12558B79A4892F11ED09C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4FABE3F0CD8FEB5EA1A664A8B7856C18
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaoDBD-pYUBGL2Yl_sBMAE&v=APEucNWCnRKaiKXM9DMT00NRDA_auv_kkQLH1vz5taJOzJ4NYF4pYSkOJSLKllPc9heMiIuX8DiWj2EbEvyRMKG-gFSMDTIIeQ
Frame ID: 186BB0C869A94832820019401FEA0D85
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js
Frame ID: 4E88F1F3BC65532FFC164EBB3E832E43
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 90DBCF3B3952C33E7E998EF26DAC7ED1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3111369D3392920EDDD68EDB36651FEB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 93AFC25E554A5228F7B0477A85632C6C
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7B8231AFAA60AFB13F8DA061CE8E7EBB
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F25CD4B64633F1859E9F3BBA515A3074
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/btzJJPtCi-JsEYrp8vCLaDl2UWUtUoZooX84PkbxxAk.js
Frame ID: ABA4F109039FEF72CEC9297DAF2059E5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FD4B4570347CF203F411F114C4D16687
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/btzJJPtCi-JsEYrp8vCLaDl2UWUtUoZooX84PkbxxAk.js
Frame ID: 6133F14533EE5EBAA1F1B9A89AF5219A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B0C6A9DCD7D8A98066335E92B0073BB8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
Frame ID: 21DC7133599D268C177B97008AA98134
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
Frame ID: 58198F2565825493DEB08BAE99B6D6FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

control.kt365.vn

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

119
Requests

91 %
HTTPS

58 %
IPv6

14
Domains

20
Subdomains

20
IPs

2
Countries

1462 kB
Transfer

4186 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://citizensbank.demdex.net/event?d_event=imp&d_src=110948&d_site=5861052&d_creative=202468609&d_placement=378855131&d_campaign=29119290 HTTP 302
https://citizensbank.demdex.net/firstevent?d_event=imp&d_src=110948&d_site=5861052&d_creative=202468609&d_placement=378855131&d_campaign=29119290

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNVm--Grxt_lzcxp_IIbPs&google_cver=1

Request Chain 55

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWhpJsP0PA8r5JIttog3ZAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEClQl-_E4XVB2Ro54qkK4Wo&google_cver=1

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEENYfp-de2sFdT5FmsARri8&google_cver=1

Request Chain 57

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MjAzNTA4MDc1NTE4OTEwOQ%3D%3D

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNVm--Grxt_lzcxp_IIbPs&google_cver=1

Request Chain 59

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWhpJm3PsllNqIyIxTMshAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEClQl-_E4XVB2Ro54qkK4Wo&google_cver=1

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEENYfp-de2sFdT5FmsARri8&google_cver=1

Request Chain 61

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxODU5MjY2OTQ0NTA0ODg4Nw%3D%3D

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 76

https://fw.adsafeprotected.com/rfw/bgd/1278205/67950628/xbbe/creative/adj?p=APEucNXmMQkSfcOzVuj9BQGa-YJUEb7jMAFxtil5-eGeSZ7HKL2itrc&d=CokBAKAmf-CbfOPU747BWf8VgDSqJiUqiscgXcbE_vg-lm2tYWSxwarsz6N6blMKh295eEfS54XRB3Fa1ahsHZziB64ziAc_dRD_zhbnh4K3c4D9iY2RLMaUpG-rBnWOw7uL9MBdnj1tYPwnGJf0AwhzzEv2PUo6vNN97nttTDGRk6oBL82SOwdQsN4S-RQAoCZ_4BTO22OLTOIyB5gqRh8NUeVDcHuMPivIhZGEFBy12DCfJHh0p2dGztDIIDudU6EXIgFWS5hihAABv9EuAj7RAhsibiG-Ohw5VhOEQholXCa16qmlTcWPf0c1spT74T1JY8oEhCkGWuFvC7L_kKsj3IGUAPvEYma4QeN03RQ1TSmX_CogCIVrtvNjy1c6qYbqgjFa6A-Y6CnJv7Ol-yt4i5eoKPFWBskvKxx2VM38ot-bedM6gd0_zWgqw5njAZpiqYSoUFL4C_DgITwhhMDS2Zo2rwafAQLor2yQ-UzqxcEo7mE30MDK5FJO7WrMFpLE_CGaVb2PDo7Np_Ccahmd__STjhu1IXw7G4tS3U971CIDTrsM9gpC3YhMUkizssooyJxPxOaAvKGOokiGWePBzrgvrHhHkK6JYxiVvTiNenZlS0T_C7nqcEFMeFqYWLjy9GhoJD2v_AMo8jY0KkaTOr5COy71rbIu10RPy7GcCff9G97QPMsGPsWxsB9DmWDhYCtoZbG1Ia02N_umwUT63iT_cSBVf75goUnPv7GeJk5NLzQXDznweFxcHAhQqWkvjxjoHQrqLi-wQXzb70Gc17vdCBmTrNSoGYbHbADbmOm0zt4NFcXSsO17Je1lxZoCSuxRPDX48_61eT2vmZtxQ01Io0fxuV_WJgAIhVpKRaGiiHJAcr1aRqFLcrVbs_KY_tWJGq54QVRG22eyw-sYbJIz4SUtFjx0Z6Zl0C6eBzbAMUvKZqPAdFnAj5zU6zQc02mbObIn1yB-plTOsfMssQBNzj_z7rzdlBkpOW49GGZOY2xctFWTczqDpOLaTCQno6CE6mdmPWiRh3WHGx7hS6BxViNpJd2LEFoY_trTWK4W1zp2icl802tmD0_-1Uyi0v1yhoU2qlyxqCgmYIWAMl91XL0Qb1BB23o-dsFt2Q1QjjUZrteJ6te6upIY0dadJADG8aAqxqImwShQrC_kS7hkRraLgkkZj5UoRRDHbK_aS0haakHMsdNm6MCiqXs08NwAUbUw6MoBRJk3DHro0POeD5fRrXLaHOJx909PsPXyQVM1duBZKSNd2j_byzwahkj3hyErcZ-5Hs30QYdkwJGF14BpVxu49J6Vlncy8v0ti17JlE4CUKkGX-LPV_WcnvdV6JQvQyyWzsuoZxRjJAYQd8rvOwk56Zp-vM4RCQyjAkMaUnaiMAXGeKLJiGInccHDH9bNsj9tjSh7KjIQEHV7kIw2d6tmLlZyYq3gknYKtjHranXAipxM1DKjG06gLvhsX5Iz3kcd1HFb7_PC2llLmeVCrHFu8I6JAAnTZr7Pq4LEoU4Jhha8rPXKiR2UGNOkCUNVlLzpUwQC2YnXPzj1iuDnKMyrUQvjXg9qX1pDlqDJaTJuT-zDyuD4BY2UDFAMyiV8Z3MMUosP3L_SVKe6hBR4WX9yEjykuM2OV3_pyZl8GxqZlPsJDqOMuY9B4vIltnBvs4hUrjT9e3h8l1jCVTNYnCgwHmTYC0mdlf2-eLaoeXyxu9J0sKHaSMie7jNEsvnE5jD9w3KgRPIxjb0mznIp-Cckolo16k_LLQbwSpSOGSODSk0KVU7olxKOgxCT4UKUp9tcGI5X26rt31JQrw6A_5IOIjBbAmqE8XqUkOnl4E4bOI6XxuCgCRZTJuth4KOWVfuuZhZTWMPRKPFhDP9I7aSknpI3s0_gCWk1l-r78fr5PbC_xAjt4pgb085XIFNsym1SsgQhME-F6e4qBy7USJ5cc6kLB6qFj6ERRzrhnhXO9NTVZMRtFE62-VW5CHgT7rsKI_HcckpD-kPU_wqJmPQ_MSl0RydCYZx_VvhgJgQuqJaFcj9mnZ5srE6E7GFhc3YFhZ2LmjPE2p_kBPuV3gaTlYTaxMU4LAtvzkWNqdyVwdF1dZBvGLm_V1RtG0wqyA0F44oeGMRkjsjaPfM396yRab9AeQZoE3qW21lPp5w3mQjY9-2gWYKOVIHUnKdQJUA1caYJwMidXxJg80YYWU-G2PPcTgtjz3mCn5_1p0nqx8Xi7rIdTcW6ioVV6TOpbd4zKe7TUp9dZm3TviIdksUX9xMXL24pZRIMGfjGYon2uvnZx43uk8nX56GBG0HSn0ohv5il6E3owqjBvMsY3uCbWFdrmoglAaMI1uYWWycLpvXbSIpFrR3O-ybXdB6olzsnTDvhkJbEy1hs2M9enlJqmR8jYJ5p2y0EVrNvVrakTwHaunWYk4OoYNYFOGTUaoV_47_6T0GVOgps83-S-4wrGC7y2V7ic2jcRS3GZQOiTeY0NEqXq6DpkNGc2sHFCjK2vSO2iLWQjDnpNM6ftQyfrLB04uVq_iwbNoYQVdGn0nVYV1t0Y1iDg_ngAub4cMAC3K5nqnWYVhDI-lukDSCz4one_3WC6RPxeLaotubURZsBHXlU2vCC7AB6MyOqB2pzCK3HVAxDkQvMWVE1xJba62CkgwUFFtyfwekJC0UiUueVDPIC50TzV_ieIrDretWSTxStFrHI7TJnSflLHZKGBH2WXmR2-nX-UZIQEP8xltv7uwToICRn6q-4b1eCd-rbIfD5X6rMX4YWpJk-ZTH9NcFhTS8n3N0ojRVe8yRzgI5PmB8MRSNq5UYXwJjE7w5K5rC8eHzbG5DXNSE4bM5s1oFtKa6SyvufYvEBoPi66fZ8HRNK8PKE5yNaQbapXJcwY_RZWl2-X4W0axxu0ef_mgyGbwlehpe_EsGLbxFycjEZzcsQCwc6ppC3yDVepvlH6ClVIvkEu4wF12-R_5yvzk55NAzDvU1tAzrbiPo4qbJN1G232TjrYWPErVgD-sKsCqT9_tK8nwrC3MnGFpr_htGns3AeTr5hfzLYwijFJ4ScN85017SnFky4yvKIOWhPLcyz8-qADRU3BCtW398Un9vgkCHkHOiH5LuTcS32MIz6kI1jwwVl1xRz-L1YccOeUM0wclUoqxu5gjuXWF_f2f12rYseDHzCcoICj1qxLLCBy3MJqKr0i8oFiZ7Ips6onbiEzC2zbFwBnWdDG6maxt-gJ2_XjvDx174pSK34EsDsxhHMYC9Kt1pnzzcK076WlyiEN9VF_wwryin5c7RjK858rKM7NfXIrhC5BP6v3JAaPM6UCxbudrg_T7ExYax_o5WLRx8XlFzbNbZfzxAgxITnkvBsK14uyppTQ74F_wdGJn8U6fyHLGaIKAYzGf50mU1gAhZW0nntpAxcqnkL_Qp9L-Lcnm91FFAiRhEbUnuJDE1lJaWWjla_OJjxQt0giT38evaAsoZjt08Z9ZNmvhRmuohqG5ZyXJqd0n_41OWDo1MPaihvAbVJ4vSod41IRHpqAI2m92Z9_FVJS5Wl5a7zgqnDowTX7bEL75FXE7DJkYFD0clUtcl5qTVTIX6NEAfzD68jCbNJbrQdKp6VOHYlphy5H93BDx6Ta-w_aQ29myw8TUOPj4c0q3ZxoEEfamfSRIEQk_aJq6hJah_8nmTrsuea1LtU8utPln3BiZQFXY4GUIeBjCixca97cgCl2j5Rt8yQpOEJYmJV0tQTiX9OCsVd-fA5rwhzhBpVCAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1009806384&ias_pubId=pub-5195111790972465&ias_chanId=1&ias_placementId=19084107325&bidurl=https://control.kt365.vn/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h9wdwoL2XM5vJZ3ooz-NZ4&adsafe_url=https%3A%2F%2Fcontrol.kt365.vn&adsafe_type=g&adsafe_url=https%3A%2F%2Fcontrol.kt365.vn%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231128%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231128%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5195111790972465%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:3a56eb6a-9dcf-5017-40cc-bd124b76c942,c:vpjWeZ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5f456796bd-76hvr,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:63ed13e3-8f6e-11ee-b15e-aee8fee76817,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXmMQkSfcOzVuj9BQGa-YJUEb7jMAFxtil5-eGeSZ7HKL2itrc&d=CokBAKAmf-CbfOPU747BWf8VgDSqJiUqiscgXcbE_vg-lm2tYWSxwarsz6N6blMKh295eEfS54XRB3Fa1ahsHZziB64ziAc_dRD_zhbnh4K3c4D9iY2RLMaUpG-rBnWOw7uL9MBdnj1tYPwnGJf0AwhzzEv2PUo6vNN97nttTDGRk6oBL82SOwdQsN4S-RQAoCZ_4BTO22OLTOIyB5gqRh8NUeVDcHuMPivIhZGEFBy12DCfJHh0p2dGztDIIDudU6EXIgFWS5hihAABv9EuAj7RAhsibiG-Ohw5VhOEQholXCa16qmlTcWPf0c1spT74T1JY8oEhCkGWuFvC7L_kKsj3IGUAPvEYma4QeN03RQ1TSmX_CogCIVrtvNjy1c6qYbqgjFa6A-Y6CnJv7Ol-yt4i5eoKPFWBskvKxx2VM38ot-bedM6gd0_zWgqw5njAZpiqYSoUFL4C_DgITwhhMDS2Zo2rwafAQLor2yQ-UzqxcEo7mE30MDK5FJO7WrMFpLE_CGaVb2PDo7Np_Ccahmd__STjhu1IXw7G4tS3U971CIDTrsM9gpC3YhMUkizssooyJxPxOaAvKGOokiGWePBzrgvrHhHkK6JYxiVvTiNenZlS0T_C7nqcEFMeFqYWLjy9GhoJD2v_AMo8jY0KkaTOr5COy71rbIu10RPy7GcCff9G97QPMsGPsWxsB9DmWDhYCtoZbG1Ia02N_umwUT63iT_cSBVf75goUnPv7GeJk5NLzQXDznweFxcHAhQqWkvjxjoHQrqLi-wQXzb70Gc17vdCBmTrNSoGYbHbADbmOm0zt4NFcXSsO17Je1lxZoCSuxRPDX48_61eT2vmZtxQ01Io0fxuV_WJgAIhVpKRaGiiHJAcr1aRqFLcrVbs_KY_tWJGq54QVRG22eyw-sYbJIz4SUtFjx0Z6Zl0C6eBzbAMUvKZqPAdFnAj5zU6zQc02mbObIn1yB-plTOsfMssQBNzj_z7rzdlBkpOW49GGZOY2xctFWTczqDpOLaTCQno6CE6mdmPWiRh3WHGx7hS6BxViNpJd2LEFoY_trTWK4W1zp2icl802tmD0_-1Uyi0v1yhoU2qlyxqCgmYIWAMl91XL0Qb1BB23o-dsFt2Q1QjjUZrteJ6te6upIY0dadJADG8aAqxqImwShQrC_kS7hkRraLgkkZj5UoRRDHbK_aS0haakHMsdNm6MCiqXs08NwAUbUw6MoBRJk3DHro0POeD5fRrXLaHOJx909PsPXyQVM1duBZKSNd2j_byzwahkj3hyErcZ-5Hs30QYdkwJGF14BpVxu49J6Vlncy8v0ti17JlE4CUKkGX-LPV_WcnvdV6JQvQyyWzsuoZxRjJAYQd8rvOwk56Zp-vM4RCQyjAkMaUnaiMAXGeKLJiGInccHDH9bNsj9tjSh7KjIQEHV7kIw2d6tmLlZyYq3gknYKtjHranXAipxM1DKjG06gLvhsX5Iz3kcd1HFb7_PC2llLmeVCrHFu8I6JAAnTZr7Pq4LEoU4Jhha8rPXKiR2UGNOkCUNVlLzpUwQC2YnXPzj1iuDnKMyrUQvjXg9qX1pDlqDJaTJuT-zDyuD4BY2UDFAMyiV8Z3MMUosP3L_SVKe6hBR4WX9yEjykuM2OV3_pyZl8GxqZlPsJDqOMuY9B4vIltnBvs4hUrjT9e3h8l1jCVTNYnCgwHmTYC0mdlf2-eLaoeXyxu9J0sKHaSMie7jNEsvnE5jD9w3KgRPIxjb0mznIp-Cckolo16k_LLQbwSpSOGSODSk0KVU7olxKOgxCT4UKUp9tcGI5X26rt31JQrw6A_5IOIjBbAmqE8XqUkOnl4E4bOI6XxuCgCRZTJuth4KOWVfuuZhZTWMPRKPFhDP9I7aSknpI3s0_gCWk1l-r78fr5PbC_xAjt4pgb085XIFNsym1SsgQhME-F6e4qBy7USJ5cc6kLB6qFj6ERRzrhnhXO9NTVZMRtFE62-VW5CHgT7rsKI_HcckpD-kPU_wqJmPQ_MSl0RydCYZx_VvhgJgQuqJaFcj9mnZ5srE6E7GFhc3YFhZ2LmjPE2p_kBPuV3gaTlYTaxMU4LAtvzkWNqdyVwdF1dZBvGLm_V1RtG0wqyA0F44oeGMRkjsjaPfM396yRab9AeQZoE3qW21lPp5w3mQjY9-2gWYKOVIHUnKdQJUA1caYJwMidXxJg80YYWU-G2PPcTgtjz3mCn5_1p0nqx8Xi7rIdTcW6ioVV6TOpbd4zKe7TUp9dZm3TviIdksUX9xMXL24pZRIMGfjGYon2uvnZx43uk8nX56GBG0HSn0ohv5il6E3owqjBvMsY3uCbWFdrmoglAaMI1uYWWycLpvXbSIpFrR3O-ybXdB6olzsnTDvhkJbEy1hs2M9enlJqmR8jYJ5p2y0EVrNvVrakTwHaunWYk4OoYNYFOGTUaoV_47_6T0GVOgps83-S-4wrGC7y2V7ic2jcRS3GZQOiTeY0NEqXq6DpkNGc2sHFCjK2vSO2iLWQjDnpNM6ftQyfrLB04uVq_iwbNoYQVdGn0nVYV1t0Y1iDg_ngAub4cMAC3K5nqnWYVhDI-lukDSCz4one_3WC6RPxeLaotubURZsBHXlU2vCC7AB6MyOqB2pzCK3HVAxDkQvMWVE1xJba62CkgwUFFtyfwekJC0UiUueVDPIC50TzV_ieIrDretWSTxStFrHI7TJnSflLHZKGBH2WXmR2-nX-UZIQEP8xltv7uwToICRn6q-4b1eCd-rbIfD5X6rMX4YWpJk-ZTH9NcFhTS8n3N0ojRVe8yRzgI5PmB8MRSNq5UYXwJjE7w5K5rC8eHzbG5DXNSE4bM5s1oFtKa6SyvufYvEBoPi66fZ8HRNK8PKE5yNaQbapXJcwY_RZWl2-X4W0axxu0ef_mgyGbwlehpe_EsGLbxFycjEZzcsQCwc6ppC3yDVepvlH6ClVIvkEu4wF12-R_5yvzk55NAzDvU1tAzrbiPo4qbJN1G232TjrYWPErVgD-sKsCqT9_tK8nwrC3MnGFpr_htGns3AeTr5hfzLYwijFJ4ScN85017SnFky4yvKIOWhPLcyz8-qADRU3BCtW398Un9vgkCHkHOiH5LuTcS32MIz6kI1jwwVl1xRz-L1YccOeUM0wclUoqxu5gjuXWF_f2f12rYseDHzCcoICj1qxLLCBy3MJqKr0i8oFiZ7Ips6onbiEzC2zbFwBnWdDG6maxt-gJ2_XjvDx174pSK34EsDsxhHMYC9Kt1pnzzcK076WlyiEN9VF_wwryin5c7RjK858rKM7NfXIrhC5BP6v3JAaPM6UCxbudrg_T7ExYax_o5WLRx8XlFzbNbZfzxAgxITnkvBsK14uyppTQ74F_wdGJn8U6fyHLGaIKAYzGf50mU1gAhZW0nntpAxcqnkL_Qp9L-Lcnm91FFAiRhEbUnuJDE1lJaWWjla_OJjxQt0giT38evaAsoZjt08Z9ZNmvhRmuohqG5ZyXJqd0n_41OWDo1MPaihvAbVJ4vSod41IRHpqAI2m92Z9_FVJS5Wl5a7zgqnDowTX7bEL75FXE7DJkYFD0clUtcl5qTVTIX6NEAfzD68jCbNJbrQdKp6VOHYlphy5H93BDx6Ta-w_aQ29myw8TUOPj4c0q3ZxoEEfamfSRIEQk_aJq6hJah_8nmTrsuea1LtU8utPln3BiZQFXY4GUIeBjCixca97cgCl2j5Rt8yQpOEJYmJV0tQTiX9OCsVd-fA5rwhzhBpVCAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAWAB&cry=1&bundleId=

119 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
control.kt365.vn/ 52 KB
11 KB 157ms
71ms Document
text/html 2606:4700:3032::ac43:de84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://control.kt365.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:de84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061791d7fd8609a008d4ec467f19df95c0218c5f45d0705831a35b45284abb6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82e288c1387a4bd2-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 10:51:16 GMT
link: <https://control.kt365.vn/index.php?rest_route=/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCz5oma2iiB%2FW3n7Hw6hTEMxXTWsXf7wzd7dXRDjJoUXFFfy3JPlmM0dj%2FVkeiRS2a3Ds6gd4Zvq3oEEtwCLuiEuFko9KgIUX0PY2JYiOxyDzEek%2BhWCcZeOv5lTKj11Yfn9qIGEWWHx22RjZR95"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-ua-compatible: IE=edge

GET
H2 200 style.min.css
control.kt365.vn/wp-includes/css/dist/block-library/ 107 KB
15 KB 150ms
148ms Stylesheet
text/css 2606:4700:3032::ac43:de84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://control.kt365.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: control.kt365.vn
URL: https://control.kt365.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:de84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 03:51:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-65641236-43787a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o%2FlFnvntivxP1jJz7pI3cVPpzNphId736dZDu4MOOwqDa5q6F6ccMEcsZL4yNqNRm6ThvbO%2FL%2BODkUuIs5szH3RJSFC8Hg%2F36SeLH1Hb0q256JUjpiTMDQTsDowSir3jzuOJFDilraYW%2BPBw6xL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 82e288c1b8814bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Dec 2023 14:58:02 GMT

GET
H2 200 main.min.css
control.kt365.vn/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 68ms
67ms Stylesheet
text/css 2606:4700:3032::ac43:de84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://control.kt365.vn/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1
Requested by: Host: control.kt365.vn
URL: https://control.kt365.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:de84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 14:50:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4c6e-6564ac9a-5eb39c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dvItQf15crVj7KjEgKD5zUFRn4rOOm0qdg5QkNDJgUBrY1OnGGQjFOSfJJ36mv7dT5ZYZpBJg30sb1o77KGdyyNIcTlg9iE3PhtAgBkrYxztr74%2F%2FOLCDflr5FNEK2GxPcuoRjTJd7%2FDjbLbXwW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 82e288c1b8824bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Dec 2023 14:58:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 125ms
55ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5195111790972465

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8c380072c1943c5ae01267b8297fac71c34659f82b8743f4fa7704f141a5e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://control.kt365.vn/
Origin: https://control.kt365.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52689
x-xss-protection: 0
server: cafe
etag: 11717431444685469565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:16 GMT

GET
H2 200 menu.min.js Show response
control.kt365.vn/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 65ms
65ms Script
application/x-javascript 2606:4700:3032::ac43:de84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://control.kt365.vn/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by: Host: control.kt365.vn
URL: https://control.kt365.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:de84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 14:50:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b3f-6564ac9a-5eb3c1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEGQ0u9%2BqnPFLRfHA83mS8N%2BPlNkwIa3Bta2v7zZSRlIvKEDfjgV7oslfCz1kCn2A0ul1PZ8laboikKtgxD7lyYobHizYHIx%2FNn%2FrwIiM%2FhFB1Dx8iubB65YG6wiVEm2oD4KyqWIWaOjLpK8x3zm"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 82e288c1b8834bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Dec 2023 14:58:04 GMT

GET
BLOB 200
OK 384e2913-be43-4606-8a58-a854d9bf7f85
https://control.kt365.vn/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://control.kt365.vn/384e2913-be43-4606-8a58-a854d9bf7f85
Requested by: Host: control.kt365.vn
URL: https://control.kt365.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 wp-emoji-release.min.js Show response
control.kt365.vn/wp-includes/js/ 18 KB
5 KB 71ms
71ms Script
application/x-javascript 2606:4700:3032::ac43:de84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://control.kt365.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: control.kt365.vn
URL: https://control.kt365.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:de84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 03:51:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-65641235-290293;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRzDANEMEziJSmGZmWzsWOYRPDe6YREpRwdmO9m0Y93edva8l8UYBCZd%2BNd2UU3RNSanvualx4jxBwy1nfFc0OfLQ0M4%2FgmiHmxiIpK8iuTPdUvGiJu5R1rXLGrg2rOB52sxNeUdJHeXioR2Ti%2BS"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 82e288c2dff54bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 08:21:29 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 116ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5195111790972465

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4785aa6c74ab83f176d55bed0b7e4ca4cb0354998cafe6f91ba96e48155c019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137246
x-xss-protection: 0
server: cafe
etag: 10449993737615216329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:16 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame AA14 9 KB
4 KB 81ms
24ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5195111790972465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://control.kt365.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 04:54:45 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 04:54:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 60FC 520 KB
125 KB 932ms
931ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5195111790972465&output=html&adk=1812271804&adf=3025194257&lmt=1701341476&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fcontrol.kt365.vn%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701341476315&bpp=4&bdt=215&idt=187&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1891809645389&frm=20&pv=2&ga_vid=917184070.1701341477&ga_sid=1701341477&ga_hid=1124298957&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3859106931910365&tmod=1597319002&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

669524f975991f0f04e0d3dded5051a1281a6cffb65a3462ded865a5f6e280e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://control.kt365.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 127933
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 10:51:17 GMT
expires: Thu, 30 Nov 2023 10:51:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
54ms XHR
application/json 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231128&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f79f497829714e4b042b006ce85a57cb8ad58dfbe322c70ba9359fe971fb373c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12443
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 57ms
56ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72f9b0822acbb0119028448e0341f30e5bd8c19700114ea13b6eb25d023a3699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55841
x-xss-protection: 0
server: cafe
etag: 14770822260604529424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 147ms
56ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 10:51:17 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame 547E 9 KB
4 KB 25ms
24ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://control.kt365.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 21:53:51 GMT
etag: 12051592065903069241
expires: Wed, 13 Dec 2023 21:53:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame BEF6 9 KB
4 KB 27ms
25ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://control.kt365.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 21:53:51 GMT
etag: 12051592065903069241
expires: Wed, 13 Dec 2023 21:53:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame 7CAB 9 KB
4 KB 26ms
24ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://control.kt365.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 21:53:51 GMT
etag: 12051592065903069241
expires: Wed, 13 Dec 2023 21:53:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame 64D4 9 KB
4 KB 28ms
27ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://control.kt365.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 21:53:51 GMT
etag: 12051592065903069241
expires: Wed, 13 Dec 2023 21:53:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 547E 4 KB
1 KB 133ms
45ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 10:25:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 10:51:17 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 547E 205 B
521 B 113ms
27ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:39:55 GMT
x-content-type-options: nosniff
age: 40282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 23:39:55 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 547E 604 B
696 B 114ms
29ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:48:04 GMT
x-content-type-options: nosniff
age: 133393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 27 Nov 2024 21:48:04 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 547E 16 KB
7 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 03:32:24 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 547E 22 KB
9 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9188
x-xss-protection: 0
server: cafe
etag: 17726137969773036382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 03:32:25 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame BEF6 9 KB
4 KB 75ms
25ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 12:00:21 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame BEF6 11 KB
5 KB 79ms
30ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 10:22:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BEF6 14 KB
1 KB 101ms
52ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 10:25:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 10:51:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame BEF6 2 KB
903 B 35ms
27ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 17:10:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame BEF6 24 KB
9 KB 35ms
29ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 03:32:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame BEF6 3 KB
1 KB 40ms
34ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 03:32:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame BEF6 20 KB
8 KB 30ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 04:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 04:54:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BEF6 202 KB
64 KB 104ms
59ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:17 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame BEF6 37 KB
15 KB 76ms
31ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 11:50:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 393C 624 B
246 B 88ms
85ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARjnysbbATAB&v=APEucNUIZFttioUrwQdPdVr0OWOc0bKQ43x22OLWI9l_Ct_teEaJy61npMWk4mXp6XYzkTxM3CmYoI8F83DBZXT0nNug4A0cfg

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 10:51:17 GMT
expires: Thu, 30 Nov 2023 10:51:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4FAB 89 KB
31 KB 54ms
54ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:17 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1278205/67950628/xbbe/creative/ Frame 4FAB 263 KB
80 KB 319ms
32ms Script
application/javascript 3.223.113.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1278205/67950628/xbbe/creative/adj?p=APEucNXmMQkSfcOzVuj9BQGa-YJUEb7jMAFxtil5-eGeSZ7HKL2itrc&d=CokBAKAmf-CbfOPU747BWf8VgDSqJiUqiscgXcbE_vg-lm2tYWSxwarsz6N6blMKh295eEfS54XRB3Fa1ahsHZziB64ziAc_dRD_zhbnh4K3c4D9iY2RLMaUpG-rBnWOw7uL9MBdnj1tYPwnGJf0AwhzzEv2PUo6vNN97nttTDGRk6oBL82SOwdQsN4S-RQAoCZ_4BTO22OLTOIyB5gqRh8NUeVDcHuMPivIhZGEFBy12DCfJHh0p2dGztDIIDudU6EXIgFWS5hihAABv9EuAj7RAhsibiG-Ohw5VhOEQholXCa16qmlTcWPf0c1spT74T1JY8oEhCkGWuFvC7L_kKsj3IGUAPvEYma4QeN03RQ1TSmX_CogCIVrtvNjy1c6qYbqgjFa6A-Y6CnJv7Ol-yt4i5eoKPFWBskvKxx2VM38ot-bedM6gd0_zWgqw5njAZpiqYSoUFL4C_DgITwhhMDS2Zo2rwafAQLor2yQ-UzqxcEo7mE30MDK5FJO7WrMFpLE_CGaVb2PDo7Np_Ccahmd__STjhu1IXw7G4tS3U971CIDTrsM9gpC3YhMUkizssooyJxPxOaAvKGOokiGWePBzrgvrHhHkK6JYxiVvTiNenZlS0T_C7nqcEFMeFqYWLjy9GhoJD2v_AMo8jY0KkaTOr5COy71rbIu10RPy7GcCff9G97QPMsGPsWxsB9DmWDhYCtoZbG1Ia02N_umwUT63iT_cSBVf75goUnPv7GeJk5NLzQXDznweFxcHAhQqWkvjxjoHQrqLi-wQXzb70Gc17vdCBmTrNSoGYbHbADbmOm0zt4NFcXSsO17Je1lxZoCSuxRPDX48_61eT2vmZtxQ01Io0fxuV_WJgAIhVpKRaGiiHJAcr1aRqFLcrVbs_KY_tWJGq54QVRG22eyw-sYbJIz4SUtFjx0Z6Zl0C6eBzbAMUvKZqPAdFnAj5zU6zQc02mbObIn1yB-plTOsfMssQBNzj_z7rzdlBkpOW49GGZOY2xctFWTczqDpOLaTCQno6CE6mdmPWiRh3WHGx7hS6BxViNpJd2LEFoY_trTWK4W1zp2icl802tmD0_-1Uyi0v1yhoU2qlyxqCgmYIWAMl91XL0Qb1BB23o-dsFt2Q1QjjUZrteJ6te6upIY0dadJADG8aAqxqImwShQrC_kS7hkRraLgkkZj5UoRRDHbK_aS0haakHMsdNm6MCiqXs08NwAUbUw6MoBRJk3DHro0POeD5fRrXLaHOJx909PsPXyQVM1duBZKSNd2j_byzwahkj3hyErcZ-5Hs30QYdkwJGF14BpVxu49J6Vlncy8v0ti17JlE4CUKkGX-LPV_WcnvdV6JQvQyyWzsuoZxRjJAYQd8rvOwk56Zp-vM4RCQyjAkMaUnaiMAXGeKLJiGInccHDH9bNsj9tjSh7KjIQEHV7kIw2d6tmLlZyYq3gknYKtjHranXAipxM1DKjG06gLvhsX5Iz3kcd1HFb7_PC2llLmeVCrHFu8I6JAAnTZr7Pq4LEoU4Jhha8rPXKiR2UGNOkCUNVlLzpUwQC2YnXPzj1iuDnKMyrUQvjXg9qX1pDlqDJaTJuT-zDyuD4BY2UDFAMyiV8Z3MMUosP3L_SVKe6hBR4WX9yEjykuM2OV3_pyZl8GxqZlPsJDqOMuY9B4vIltnBvs4hUrjT9e3h8l1jCVTNYnCgwHmTYC0mdlf2-eLaoeXyxu9J0sKHaSMie7jNEsvnE5jD9w3KgRPIxjb0mznIp-Cckolo16k_LLQbwSpSOGSODSk0KVU7olxKOgxCT4UKUp9tcGI5X26rt31JQrw6A_5IOIjBbAmqE8XqUkOnl4E4bOI6XxuCgCRZTJuth4KOWVfuuZhZTWMPRKPFhDP9I7aSknpI3s0_gCWk1l-r78fr5PbC_xAjt4pgb085XIFNsym1SsgQhME-F6e4qBy7USJ5cc6kLB6qFj6ERRzrhnhXO9NTVZMRtFE62-VW5CHgT7rsKI_HcckpD-kPU_wqJmPQ_MSl0RydCYZx_VvhgJgQuqJaFcj9mnZ5srE6E7GFhc3YFhZ2LmjPE2p_kBPuV3gaTlYTaxMU4LAtvzkWNqdyVwdF1dZBvGLm_V1RtG0wqyA0F44oeGMRkjsjaPfM396yRab9AeQZoE3qW21lPp5w3mQjY9-2gWYKOVIHUnKdQJUA1caYJwMidXxJg80YYWU-G2PPcTgtjz3mCn5_1p0nqx8Xi7rIdTcW6ioVV6TOpbd4zKe7TUp9dZm3TviIdksUX9xMXL24pZRIMGfjGYon2uvnZx43uk8nX56GBG0HSn0ohv5il6E3owqjBvMsY3uCbWFdrmoglAaMI1uYWWycLpvXbSIpFrR3O-ybXdB6olzsnTDvhkJbEy1hs2M9enlJqmR8jYJ5p2y0EVrNvVrakTwHaunWYk4OoYNYFOGTUaoV_47_6T0GVOgps83-S-4wrGC7y2V7ic2jcRS3GZQOiTeY0NEqXq6DpkNGc2sHFCjK2vSO2iLWQjDnpNM6ftQyfrLB04uVq_iwbNoYQVdGn0nVYV1t0Y1iDg_ngAub4cMAC3K5nqnWYVhDI-lukDSCz4one_3WC6RPxeLaotubURZsBHXlU2vCC7AB6MyOqB2pzCK3HVAxDkQvMWVE1xJba62CkgwUFFtyfwekJC0UiUueVDPIC50TzV_ieIrDretWSTxStFrHI7TJnSflLHZKGBH2WXmR2-nX-UZIQEP8xltv7uwToICRn6q-4b1eCd-rbIfD5X6rMX4YWpJk-ZTH9NcFhTS8n3N0ojRVe8yRzgI5PmB8MRSNq5UYXwJjE7w5K5rC8eHzbG5DXNSE4bM5s1oFtKa6SyvufYvEBoPi66fZ8HRNK8PKE5yNaQbapXJcwY_RZWl2-X4W0axxu0ef_mgyGbwlehpe_EsGLbxFycjEZzcsQCwc6ppC3yDVepvlH6ClVIvkEu4wF12-R_5yvzk55NAzDvU1tAzrbiPo4qbJN1G232TjrYWPErVgD-sKsCqT9_tK8nwrC3MnGFpr_htGns3AeTr5hfzLYwijFJ4ScN85017SnFky4yvKIOWhPLcyz8-qADRU3BCtW398Un9vgkCHkHOiH5LuTcS32MIz6kI1jwwVl1xRz-L1YccOeUM0wclUoqxu5gjuXWF_f2f12rYseDHzCcoICj1qxLLCBy3MJqKr0i8oFiZ7Ips6onbiEzC2zbFwBnWdDG6maxt-gJ2_XjvDx174pSK34EsDsxhHMYC9Kt1pnzzcK076WlyiEN9VF_wwryin5c7RjK858rKM7NfXIrhC5BP6v3JAaPM6UCxbudrg_T7ExYax_o5WLRx8XlFzbNbZfzxAgxITnkvBsK14uyppTQ74F_wdGJn8U6fyHLGaIKAYzGf50mU1gAhZW0nntpAxcqnkL_Qp9L-Lcnm91FFAiRhEbUnuJDE1lJaWWjla_OJjxQt0giT38evaAsoZjt08Z9ZNmvhRmuohqG5ZyXJqd0n_41OWDo1MPaihvAbVJ4vSod41IRHpqAI2m92Z9_FVJS5Wl5a7zgqnDowTX7bEL75FXE7DJkYFD0clUtcl5qTVTIX6NEAfzD68jCbNJbrQdKp6VOHYlphy5H93BDx6Ta-w_aQ29myw8TUOPj4c0q3ZxoEEfamfSRIEQk_aJq6hJah_8nmTrsuea1LtU8utPln3BiZQFXY4GUIeBjCixca97cgCl2j5Rt8yQpOEJYmJV0tQTiX9OCsVd-fA5rwhzhBpVCAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1009806384&ias_pubId=pub-5195111790972465&ias_chanId=1&ias_placementId=19084107325&bidurl=https://control.kt365.vn/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h9wdwoL2XM5vJZ3ooz-NZ4
Requested by: Host: control.kt365.vn
URL: https://control.kt365.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.113.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-113-34.compute-1.amazonaws.com
Software: /
Resource Hash: 90fdf24a8611bb1b2413ec23cf0f18e79a82ac6e7ce3ceb599ba0774255b3066

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 4FAB 3 KB
1 KB 30ms
27ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 03:32:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 4FAB 20 KB
8 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 04:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 04:54:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FAB 202 KB
64 KB 72ms
42ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FAB 42 B
63 B 85ms
83ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CF_PEYvtjhXGsGnK5yeBc_OezL8zMWUBhiUpg5ZJ9_uampz_ofL3zs63Ku7FFoZTkY0JmYJwJ7pX2H-MS839SvKqpLFXj40YBPMTFv2RoWYzzRMFE

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FAB 0
20 B 85ms
84ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11007670176126319741&x=1&ct=76

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 186B 624 B
246 B 59ms
57ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaoDBD-pYUBGL2Yl_sBMAE&v=APEucNWCnRKaiKXM9DMT00NRDA_auv_kkQLH1vz5taJOzJ4NYF4pYSkOJSLKllPc9heMiIuX8DiWj2EbEvyRMKG-gFSMDTIIeQ

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 10:51:17 GMT
expires: Thu, 30 Nov 2023 10:51:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 4E88 24 KB
9 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:48:37 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 4E88 7 KB
3 KB 43ms
43ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:48:37 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4E88 0
0 309ms
60ms Fetch
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsufKse3MQjUBRF8lA-H-GPuP2o0wwyudYmhy5d15uN2u25_vSUcAX8I8AHgarK7KjhFIqlbxBYk0ZKvi8SL3fVKGR0jcN8Hp7W1PHOUA5nQ0sC-IWmwCODAum3p7tv0FKaDksFCBbB3HQxHOdCd9XnG3wL0Mdw1ttI011ppNIw9gzbhTJDEpgkQTCDxZJlufzcyjxCEBmkphm60f2t7TeMDFrzVTuYBX_ikIN6uB7qBqYOGUrrFqS_kQH0goJlkucu_AboyqnFjtvWodLZPCncJJwUFyS6ZuVNt9MxJ3PHMkORMEsvTpiUPIjJA6Pw30hDNLnFDM9sWOBmhEzh5UqxKptfKZxxCUBqVriILjNVWlJ8GRM8AIbYoDXIxyXe7c8GQu_kwf8m4zdaqPrIuhX-7LhAYt334CKBSESvB2kIvvX2GoOJNG_RfTtLHrk99IgrOeeZMof5szjMatBz-1gN4I9pRrHQOSYb1NRV1q69UQzKjX726KVKnsdkmB43rFtjWZavRvJNgcRVNlH4ddqNeav0iDXZGga8-L0rrj1IR1kj21bBuUX1zbimfFFjNJAeJ7Mr4LMdztKYqxwt_wHj0JWy8-EQNYNaNO1ePvqaAl-U9yZVvR-ZM0ed_AFPl-vjQUrUDFzwQ1oilO7ycgde2R5pE-MRKvWVzrr2ctxs-lXbBJT4CT5iJSxM0_JgAv7yOM2wQafzk2CINVIKItShd45HQcWosZJwNpNpmj-0gkvJ_WKa0jywL32hkSCnPP_H0C87-7SztvZJQ8AgoPztr7Xm-2fchP4UR-q84FC831ps8wymDlWrWkPNWhRxuJ391G4C-uaaQEszPeElO81AKRX3BnwXcxy9quVojCKC-tdET-CHwR-EvyAYklU2-O54sUpb_WPCed4zEGYTKN70RSz1f7AjRWgFlDfxgMtzIoAbJ05GW3oaY4MrtUBSAYghjL3Luou3UdqFyJxYgL96KELsKQ6QkQRV5S9jpA2KwY3tIBNki2Qns_p0P1YhMebZ37wBMndbB83TuS9A0f1ZcsJBNNWKNMwFnBdJfnkR9WGrNHRbb4Dp2bdlkDx5g0joUydafO4Q4q13rxncsdcwtNdGcqO4XLiZWbuF0Rh1sqlCPpImpvw8uE1xAkvEioD-_dQ6z2Ugs1TSAuVONFVkCTce6iNPSvHSmyKBNLRReZ_T0WA_830ahE6DAsHvqCeZM7NghXIqQSYLvTvqUVQ0h8HpWATzD_PVemVviJNv3RzYTLJf_1MTjZ4a_Jw8hfTMsWQf4VJWbKnFcTbSMI0epOGrBtzkTADZWPGsbAbjgTLZWhTYIUQGfM2YMXlF2lhy8dwmuZmZ6VRg7PVHlEsP74RyzVGRs3ezjVyY&sai=AMfl-YRRux-r9YwSpMh0yzx9xJga7kmTrwARkiiHPmhh9tsyEeA15zq9PozZrwZNeOeO9SBxKDMwix0MkMz_bmWf5XBtdFu9qKcDfa-8D8zpHnMY0rf84vcgXhaVcZrR4g05Vv2MMdVFIKXXjuFFf4dQZDa1eXD4EaL3Tei57e6w-1NPeRSbBXue2QetBJ6OG8Q5G-fzev0kC1t_ORBh6yMI5bIzuKd6V1HUUpTrbN2saq-lMKFLXmmvcbNkTAk1NNhYDzWT2GK-gxM03Lop77S3dFiWh6_qpihYahPqpOWH1F0bcm1o7WBoSJfKlMu145s_BeWcULv4AJI-YK0rCdgWZmhXF7t69GeJDnnVgNGI6fz8IrfhloYK5-bf960rOjvQDdQoVehO5i-65_eHC5HLjLwOXNaVxwC0rbr7Mfcspm99JChJ7CaPIMB3daX2P_iJqCN4WQO1UASO7N5-AGRoYLezoWFNS3hUCio5hG5i5rQOKaMpdq7g2abOkUVUMD35SivfguqzBHFL&sig=Cg0ArKJSzE3Q1LyacDJiEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jaXRpemVuc2JhbmsuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231128.45137&arae=0&ftch=1&adurl=

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 10:51:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E88 41 KB
14 KB 174ms
143ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:20:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 4E88 3 KB
1 KB 182ms
150ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 03:32:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 4E88 20 KB
8 KB 174ms
142ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 04:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 04:54:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E88 202 KB
64 KB 184ms
139ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E88 42 B
63 B 202ms
170ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AB6UqUOnkXg8CG2V672Jo4niaU-yZYdVp3uhNinXcdizzzn6cvaI8YWmTOJhdZihFeLgWv0sqJV98TC_SfgyyKeYD7guyfx7qqKCCgnHfWYnD2N4Q

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10730376913408171612
s0.2mdn.net/simgad/ Frame 4E88 30 KB
30 KB 266ms
23ms Image
image/jpeg 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10730376913408171612

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d200a8e918bf01d0c1bfcf8ab4177c9117c5ddbe056f4d08e28aa19232f243e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 09:46:50 GMT
x-content-type-options: nosniff
age: 90268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30525
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:31:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Nov 2024 09:46:50 GMT

GET
H2

200

firstevent
citizensbank.demdex.net/ Frame 4E88
Redirect Chain

https://citizensbank.demdex.net/event?d_event=imp&d_src=110948&d_site=5861052&d_creative=202468609&d_placement=378855131&d_campaign=29119290
https://citizensbank.demdex.net/firstevent?d_event=imp&d_src=110948&d_site=5861052&d_creative=202468609&d_placement=378855131&d_campaign=29119290

42 B
729 B

92ms
90ms

Image
image/gif

34.209.39.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizensbank.demdex.net/firstevent?d_event=imp&d_src=110948&d_site=5861052&d_creative=202468609&d_placement=378855131&d_campaign=29119290

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

34.209.39.106 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-39-106.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs: dcs-prod-usw2-1-v050-0af2f3eca.edge-usw2.demdex.com 4 ms
pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: IsDv0fyxRgI=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-usw2-2-v050-00f0c5b5a.edge-usw2.demdex.com 0 ms
pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 4Inl4IumTNw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://citizensbank.demdex.net/firstevent?d_event=imp&d_src=110948&d_site=5861052&d_creative=202468609&d_placement=378855131&d_campaign=29119290
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 90DB 13 KB
5 KB 137ms
130ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://control.kt365.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 26201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 03:34:36 GMT
expires: Fri, 29 Nov 2024 03:34:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3111 829 B
1 KB 245ms
45ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d727afa66e9eb3c25639a738ef78992e6606f9948fd67d6b5635e9e33ea684d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dQ4nQjkCeVi0i5if8OkFpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://control.kt365.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dQ4nQjkCeVi0i5if8OkFpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 10:51:18 GMT
expires: Thu, 30 Nov 2023 10:51:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FAB 0
20 B 126ms
125ms Ping
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4266765257278&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FAB 0
20 B 125ms
124ms Ping
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4266765257278&version=m202309260101&ct=76&x=1&cor=11007670176126320000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4FAB 16 KB
12 KB 122ms
121ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKAv4X37ZuPJMKnkP_A1VtAHOBmJkfO3gbqkh3P6HqHrMgleMwiwLx5l3-F54vzTIruJ7suO5Oj3MI2ywP5AYI7bCJoh2dejd2rGS0VkvQzcBWZTmN4OsfLE9P_As8raGSQXy4Buwmv5zwFY1DgqQAviy7zeHRCWRqYOeuKj_iijAqtpI&cry=1&dbm_d=AKAmf-Af0eYtTksf1hZYCoq55TlzBlaz3_-ywEj55eSbU04RHLlaRBw_SWAQBd6W40cidQ8QT-PeKIGlkOVTE5Dn7n5XXnhHwbyauLmhvjUmFqpKglel_l-zrJ5Dp49JFB1pAcPYwAPBI_mRfNFltOLYG-YeYJjywPetfwqP-5mG0GEQqr2YZsqdlSE1LmM3Y9udl9A63YnYNXhVdLTJzYTgWXax9PRd8DMj-ha-zEnel9SBB0LADBTTxANO6qMCn7t4voNTCDU9TVcS4va_c2f_dQKFT0Nnf3dQ7cmgPzjSj2Ba1IwEjQJbDG9rKkpH18b78ORUXqO2bPUvt8BErEbFlWdOyngK12Q7kaLYJGoR3dSuwFHt0JwRS90fN7jXJnYPvs1XQFuqIeavS3NXov-HEYSdFY3P9fKNwZ5evMZNJBMfUfAa2VSqQreYDNfEKL51-z1a8wzSn-1hxiXUDXoIFrOkJHzYYqvz-cNDKdmhT4b3aAZr5JTEzv43EyinydgBu6HI1x9ar1ePYpGT8sbDbj6Bkr8vqngPGQ5RLAXYCgZUpSb8eeJc4l5_6KJ4X7UKFEVluUzRdR2sRpOUYypfFbZGXmDE3kgcP7_X5w18HdY90Z3jEcg4AyQGkfvnt1XKhpjrUMwSSKUYPZBIEYUnkOWETpPqiuRvls_fP5c5VoHSsgYNEKW2BvpTchFc0QJhm_tFBCAwkW8Z1ozS3endytWMcxjVp1N8mNFr5zG8-Qssr2Dopbyeg9cuKWP6VqsnotDD0PHTCkvoHnAa4v__-5Ho7Ic831WyKYJ_4duFOe5wBr5iqTYV0dkuWdGW5dRe6h02JHVGYc6ziAlGARBcFWYC7_J-YqK9OQUnPfCQd_I_gyFSyQIVfy8O8nJ1jKIsigU2VDpssj3KoEmSPUeqBsuxP2EtURkvl1mw6BBeH0HzqScCaQbuixpWWWDNDyy-VaYlliQwsbARye5ZzdrbUZThMeUuKCAANXMnS85psG9a0vc0EN47awDOhy7Dy19afWinUkjYDOQ2tdaTOZRncdg-B3llz1KgyId0E-hE2Kmy-8_mA8FyTI7zoictuRqFPpnveJJyVp6Pn8reAbV0zY1Wu4VI_xEk49MTaNHATAB5MZtvNiNLjoYMjSKM4f3rHizs-pXgxeRe1FhnbmectFht71FKR_WThoO-Jl_b7M5QXy0FONDozM_1CK4wwO_scZHgIW-8uMrH2LaxXtQ3xmLPiN3nlilr7nJ0xonAXC1zc2T4u5-dSk8Ojg1TSKpMR1lcBHgEkNtrmrI9OOMOILkROaeQK9TgzMsW3bjaxXiBT89U2qG7-wowMwWEjlL15gp3ULXfHZmTBITQa7Zjv7ESER-H_F0SauJm_8fYJnPTebU3Xel-jXWcLqbOIKG0JmtrAxqCr222VHVQjcyAUu1jNcaIBHyroViKDNxFnQ1z7QJ8WfiIm86yl6UpCWAjdTQaXM_dQZVpOjhqUsnYUmtvPsP8iYlu6NfxIqLzGQDlH_kodw9m3RefGch1zZyRM07zWXiPWyGGRg5kjmMqpFvs6jsr7Wz3VctQwL2bDg2hGJ0axmIDJYiQ7HIFqB6RtUvA535ep5l8xDqZsuSIAO_a97QqfXVNEs05rkAI7yf-Ccp8X7xEWxRllo0iR-WdVm8tudaAL2XcH-Xw4Gak7dj37VAjgZ6kux39KrS5KCeiaGo4ldMWpuTZ-uVj9mXDoIyB-pwAD36icxx7R54UTWG0Bmwx2HEKQdxr8ge9bdJm4LMOqIBxuG2dirRAs-DHwJCkCMmNxwn_03uaMOOAzN6IAHKj2FJPrViY9Q08b25rwC63VrZzakQI3LkMXJheAU5kPp2K7UJ_WdpACxYq_X8Meyw87r5cftZV65wFUHvkO2K9NCwl7HLpaIq0VftnondzDvv4CJ2z6pSCwyFDasL14Q2f4bTmqp1aeyonN6IszbHSYYYYihVYNC30TqgwOEGxpB1CBm0hLUWAgoeBUEqcr3DMZyiKv1G1G18JPeliSJYLobDWoSW5dxaMawK30r1sgXrKh6M--XP9A-hmmvuIIoQoQzv7fvC064B5_3CUqhyzhHVMWhO9f40_EDfYX4zM5Lw2ImUrEuMZToO5C0k9uAuDzrK3CGR15iBXsGGrOT4K9I_yWugcuBOnjM6z-HT_RT3G_xkhCRomW7FCO0_K9CneHiLAJxkuuaycjxOegc6295OVR42Ji8AnPl6VTohpoWciAzk8ZqrTiBON9bQ1MM3HVxeU1foIFJcdT9N3CRZk_C3DeyaPthXbgbNb-2TzlZbpfZJX_5FMnZH4-32l1ezkDcyFn2gUyIBfrGywMxKauLZK2pmvd_0x3Ap5Nk-OqLqsgkgdlSrHwJ9ueSIBbwl93nYDmUbSGGZaNO8dfzJGzlJYFVUTUok26Xp0R0t9uz17yHpeC1HZVSjn6pj8fNDL8PEHDFRp9pb3YVlP4aNuD9i6f2Dofq63RHToGk5ymmmeZQbckEoOtre5jTw2VuqyuYsEPJ9kt0xgib_y0ByAawZ5Aaj1Mv1HgO2uzexqU1zzQg0SE0NoCH-wITcYKotIOXHFJzrnU2LkxqrSMwarOk8zJ6CDYVoXdgApBSz6B5QWMZOAQOXrgo67Fe0uTXirUhdp5ric5JhPkpMiscVuz4UCRHyrau1emMdsB-utF6sADflqCbfDyZKYZyUfEem2yD7dGlEn_uYGhOvRVTjgTMyEcv6Sf8dVocTifh8cJnTFlRk5HxRm3fzonCOXBIoo6K9dGFSVLkuXduAlrDEdJVvTWwGuDpL5csp_-qD9idLlVgaRUR6H4_deyEHxBTwRrpKXkTRYmlcsI40ypdn9yn6HoW7jWvQRrM-sNoAyk3Z4Yxz-FqP7QZxtVkv0Z4D3VkL6d9sonejBbKByK-j4GRKY13gkeUzjkrW89Cp7VqVICOOT9j6V_mupL1i8LfqWF8NfDEBfWMX_o_dEA28IGAPrXtzvNi0OCQCtlI17Z3XqhenM8sQQuzeBMAGZOux6DMbHtq1myoE-gmzP20DRcb9yhw2DjkT4PxzC02HHBcWEtVAUcdyQKgTDtVmmVHxtN5RHiPZiwmqIoRigjX2b5hw&cid=CAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcontrol.kt365.vn%2F&ds=l&xdt=1&iif=1&cor=11007670176126320000&adk=1761367587&idt=95&cac=0&dtd=32

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bba439a4b241b97e3e36f5fe69a9d307efb97bf0df3cd7dd61afdb7bda848f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 393C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNVm--Grxt_lzcxp_IIbPs&google_cver=1

43 B
327 B

62ms
59ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNVm--Grxt_lzcxp_IIbPs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARjnysbbATAB&v=APEucNUIZFttioUrwQdPdVr0OWOc0bKQ43x22OLWI9l_Ct_teEaJy61npMWk4mXp6XYzkTxM3CmYoI8F83DBZXT0nNug4A0cfg
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgCM9r%2F25AgCtXlMGI71gXp8YEDOIhoXg9kRxomsuaFC40oIAtPzTffDCZl1DWGVqNa3BApj%2BedFDvT3OwC13%2BcAfjEIms7fc7P%2FAtazGNtUpvxMGEi%2B5WMdAN7DbnapHR94Gr9ccXDn7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e288ce6f4c36bb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNVm--Grxt_lzcxp_IIbPs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 393C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWhpJsP0PA8r5JIttog3ZAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEClQl-_E4XVB2Ro54qkK4Wo&google_cver=1

43 B
734 B

70ms
70ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEClQl-_E4XVB2Ro54qkK4Wo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARjnysbbATAB&v=APEucNUIZFttioUrwQdPdVr0OWOc0bKQ43x22OLWI9l_Ct_teEaJy61npMWk4mXp6XYzkTxM3CmYoI8F83DBZXT0nNug4A0cfg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cuf1%2BgrFSz4E3iik2%2B6zm0%2Fxx2cNDbCA6P4YvYdAGpIW7LVssgFMhkWWCLlVtqBy4dbNlizDPdVFfWQ%2BDTFNtpIlmWHtFUOyNNK7f5V6PFxPkm1TLUPJHVdvpkbxUlyQz7eSjLO23BoNTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e288cf488639e7-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEClQl-_E4XVB2Ro54qkK4Wo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 393C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEENYfp-de2sFdT5FmsARri8&google_cver=1

43 B
841 B

70ms
65ms

Image
image/gif

68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEENYfp-de2sFdT5FmsARri8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARjnysbbATAB&v=APEucNUIZFttioUrwQdPdVr0OWOc0bKQ43x22OLWI9l_Ct_teEaJy61npMWk4mXp6XYzkTxM3CmYoI8F83DBZXT0nNug4A0cfg

Protocol

Server

68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
an-x-request-uuid: 269487bc-03a8-4a8d-b8b1-5fa1c90c180a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.246.196; 96.9.246.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEENYfp-de2sFdT5FmsARri8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 393C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MjAzNTA4MDc1NTE4OTEwOQ%3D%3D

170 B
243 B

43ms
42ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MjAzNTA4MDc1NTE4OTEwOQ%3D%3D

Requested by

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
an-x-request-uuid: cff11c3d-ebcc-4ec6-a071-450265daf52b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MjAzNTA4MDc1NTE4OTEwOQ%3D%3D
x-proxy-origin: 96.9.246.196; 96.9.246.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 186B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNVm--Grxt_lzcxp_IIbPs&google_cver=1

43 B
340 B

60ms
57ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNVm--Grxt_lzcxp_IIbPs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaoDBD-pYUBGL2Yl_sBMAE&v=APEucNWCnRKaiKXM9DMT00NRDA_auv_kkQLH1vz5taJOzJ4NYF4pYSkOJSLKllPc9heMiIuX8DiWj2EbEvyRMKG-gFSMDTIIeQ
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbhwByTGEEYGLKsZ304iSZ9ZrT1UvD%2Bq0w7aCtE9JoEloPqd6i4tpNAfseXF4vPLnDFA%2FOm64b%2Bk9%2BMur%2B3eZSHcKc708bhJyVXIOQxvWisI2URPPMCsxDrdtexTk%2B3M5f5tA0nWgfinig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e288ce6f4e36bb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNVm--Grxt_lzcxp_IIbPs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 186B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWhpJm3PsllNqIyIxTMshAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEClQl-_E4XVB2Ro54qkK4Wo&google_cver=1

43 B
767 B

46ms
45ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEClQl-_E4XVB2Ro54qkK4Wo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaoDBD-pYUBGL2Yl_sBMAE&v=APEucNWCnRKaiKXM9DMT00NRDA_auv_kkQLH1vz5taJOzJ4NYF4pYSkOJSLKllPc9heMiIuX8DiWj2EbEvyRMKG-gFSMDTIIeQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmHl4lW%2BpRObP4vUf67J3b1fY7EATs6RngT5GiFJDEMtZlIOjnLcLsZQ8ZstKxjUp7YNSCwapFAgZkrzKbyC%2BZRlPt0JLa3FBDxpZ0YPSbFgrPPcEcBZZB2YcFcWpSLrfh7uJJCCysresA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e288cf086b39e7-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEClQl-_E4XVB2Ro54qkK4Wo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 186B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEENYfp-de2sFdT5FmsARri8&google_cver=1

43 B
841 B

65ms
60ms

Image
image/gif

68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEENYfp-de2sFdT5FmsARri8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaoDBD-pYUBGL2Yl_sBMAE&v=APEucNWCnRKaiKXM9DMT00NRDA_auv_kkQLH1vz5taJOzJ4NYF4pYSkOJSLKllPc9heMiIuX8DiWj2EbEvyRMKG-gFSMDTIIeQ

Protocol

Server

68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
an-x-request-uuid: 292b3bec-57aa-4df7-b634-27ea18a5d124
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.246.196; 96.9.246.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEENYfp-de2sFdT5FmsARri8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 186B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxODU5MjY2OTQ0NTA0ODg4Nw%3D%3D

170 B
232 B

42ms
41ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxODU5MjY2OTQ0NTA0ODg4Nw%3D%3D

Requested by

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
an-x-request-uuid: 580f81cc-34a9-4e72-aa0c-9239849a494e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxODU5MjY2OTQ0NTA0ODg4Nw%3D%3D
x-proxy-origin: 96.9.246.196; 96.9.246.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 93AF 143 B
166 B 42ms
41ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 10:33:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 7B82 14 KB
1 KB 65ms
23ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 10:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 10:31:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 10:51:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 7B82 2 KB
822 B 50ms
40ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 17:10:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 7B82 24 KB
9 KB 50ms
39ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 03:32:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 7B82 3 KB
1 KB 51ms
40ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 03:32:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 7B82 20 KB
8 KB 53ms
43ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 04:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 04:54:32 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B82 202 KB
64 KB 64ms
53ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 10:51:18 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 7B82 37 KB
15 KB 45ms
10ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 11:50:27 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4E88 0
0 57ms
55ms Fetch
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsufKse3MQjUBRF8lA-H-GPuP2o0wwyudYmhy5d15uN2u25_vSUcAX8I8AHgarK7KjhFIqlbxBYk0ZKvi8SL3fVKGR0jcN8Hp7W1PHOUA5nQ0sC-IWmwCODAum3p7tv0FKaDksFCBbB3HQxHOdCd9XnG3wL0Mdw1ttI011ppNIw9gzbhTJDEpgkQTCDxZJlufzcyjxCEBmkphm60f2t7TeMDFrzVTuYBX_ikIN6uB7qBqYOGUrrFqS_kQH0goJlkucu_AboyqnFjtvWodLZPCncJJwUFyS6ZuVNt9MxJ3PHMkORMEsvTpiUPIjJA6Pw30hDNLnFDM9sWOBmhEzh5UqxKptfKZxxCUBqVriILjNVWlJ8GRM8AIbYoDXIxyXe7c8GQu_kwf8m4zdaqPrIuhX-7LhAYt334CKBSESvB2kIvvX2GoOJNG_RfTtLHrk99IgrOeeZMof5szjMatBz-1gN4I9pRrHQOSYb1NRV1q69UQzKjX726KVKnsdkmB43rFtjWZavRvJNgcRVNlH4ddqNeav0iDXZGga8-L0rrj1IR1kj21bBuUX1zbimfFFjNJAeJ7Mr4LMdztKYqxwt_wHj0JWy8-EQNYNaNO1ePvqaAl-U9yZVvR-ZM0ed_AFPl-vjQUrUDFzwQ1oilO7ycgde2R5pE-MRKvWVzrr2ctxs-lXbBJT4CT5iJSxM0_JgAv7yOM2wQafzk2CINVIKItShd45HQcWosZJwNpNpmj-0gkvJ_WKa0jywL32hkSCnPP_H0C87-7SztvZJQ8AgoPztr7Xm-2fchP4UR-q84FC831ps8wymDlWrWkPNWhRxuJ391G4C-uaaQEszPeElO81AKRX3BnwXcxy9quVojCKC-tdET-CHwR-EvyAYklU2-O54sUpb_WPCed4zEGYTKN70RSz1f7AjRWgFlDfxgMtzIoAbJ05GW3oaY4MrtUBSAYghjL3Luou3UdqFyJxYgL96KELsKQ6QkQRV5S9jpA2KwY3tIBNki2Qns_p0P1YhMebZ37wBMndbB83TuS9A0f1ZcsJBNNWKNMwFnBdJfnkR9WGrNHRbb4Dp2bdlkDx5g0joUydafO4Q4q13rxncsdcwtNdGcqO4XLiZWbuF0Rh1sqlCPpImpvw8uE1xAkvEioD-_dQ6z2Ugs1TSAuVONFVkCTce6iNPSvHSmyKBNLRReZ_T0WA_830ahE6DAsHvqCeZM7NghXIqQSYLvTvqUVQ0h8HpWATzD_PVemVviJNv3RzYTLJf_1MTjZ4a_Jw8hfTMsWQf4VJWbKnFcTbSMI0epOGrBtzkTADZWPGsbAbjgTLZWhTYIUQGfM2YMXlF2lhy8dwmuZmZ6VRg7PVHlEsP74RyzVGRs3ezjVyY&sai=AMfl-YRRux-r9YwSpMh0yzx9xJga7kmTrwARkiiHPmhh9tsyEeA15zq9PozZrwZNeOeO9SBxKDMwix0MkMz_bmWf5XBtdFu9qKcDfa-8D8zpHnMY0rf84vcgXhaVcZrR4g05Vv2MMdVFIKXXjuFFf4dQZDa1eXD4EaL3Tei57e6w-1NPeRSbBXue2QetBJ6OG8Q5G-fzev0kC1t_ORBh6yMI5bIzuKd6V1HUUpTrbN2saq-lMKFLXmmvcbNkTAk1NNhYDzWT2GK-gxM03Lop77S3dFiWh6_qpihYahPqpOWH1F0bcm1o7WBoSJfKlMu145s_BeWcULv4AJI-YK0rCdgWZmhXF7t69GeJDnnVgNGI6fz8IrfhloYK5-bf960rOjvQDdQoVehO5i-65_eHC5HLjLwOXNaVxwC0rbr7Mfcspm99JChJ7CaPIMB3daX2P_iJqCN4WQO1UASO7N5-AGRoYLezoWFNS3hUCio5hG5i5rQOKaMpdq7g2abOkUVUMD35SivfguqzBHFL&sig=Cg0ArKJSzE3Q1LyacDJiEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jaXRpemVuc2JhbmsuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=331&vt=11&dtpt=329&dett=2&cstd=0&cisv=r20231128.45137&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F25C 38 KB
13 KB 28ms
25ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 486814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 19:37:44 GMT
expires: Sat, 23 Nov 2024 19:37:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4E88 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 175356879114bd3464396771d33f244bdfc3fe4ffd6680af7b4d4cb2d86f1fd3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4FAB 41 KB
14 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKAv4X37ZuPJMKnkP_A1VtAHOBmJkfO3gbqkh3P6HqHrMgleMwiwLx5l3-F54vzTIruJ7suO5Oj3MI2ywP5AYI7bCJoh2dejd2rGS0VkvQzcBWZTmN4OsfLE9P_As8raGSQXy4Buwmv5zwFY1DgqQAviy7zeHRCWRqYOeuKj_iijAqtpI&cry=1&dbm_d=AKAmf-Af0eYtTksf1hZYCoq55TlzBlaz3_-ywEj55eSbU04RHLlaRBw_SWAQBd6W40cidQ8QT-PeKIGlkOVTE5Dn7n5XXnhHwbyauLmhvjUmFqpKglel_l-zrJ5Dp49JFB1pAcPYwAPBI_mRfNFltOLYG-YeYJjywPetfwqP-5mG0GEQqr2YZsqdlSE1LmM3Y9udl9A63YnYNXhVdLTJzYTgWXax9PRd8DMj-ha-zEnel9SBB0LADBTTxANO6qMCn7t4voNTCDU9TVcS4va_c2f_dQKFT0Nnf3dQ7cmgPzjSj2Ba1IwEjQJbDG9rKkpH18b78ORUXqO2bPUvt8BErEbFlWdOyngK12Q7kaLYJGoR3dSuwFHt0JwRS90fN7jXJnYPvs1XQFuqIeavS3NXov-HEYSdFY3P9fKNwZ5evMZNJBMfUfAa2VSqQreYDNfEKL51-z1a8wzSn-1hxiXUDXoIFrOkJHzYYqvz-cNDKdmhT4b3aAZr5JTEzv43EyinydgBu6HI1x9ar1ePYpGT8sbDbj6Bkr8vqngPGQ5RLAXYCgZUpSb8eeJc4l5_6KJ4X7UKFEVluUzRdR2sRpOUYypfFbZGXmDE3kgcP7_X5w18HdY90Z3jEcg4AyQGkfvnt1XKhpjrUMwSSKUYPZBIEYUnkOWETpPqiuRvls_fP5c5VoHSsgYNEKW2BvpTchFc0QJhm_tFBCAwkW8Z1ozS3endytWMcxjVp1N8mNFr5zG8-Qssr2Dopbyeg9cuKWP6VqsnotDD0PHTCkvoHnAa4v__-5Ho7Ic831WyKYJ_4duFOe5wBr5iqTYV0dkuWdGW5dRe6h02JHVGYc6ziAlGARBcFWYC7_J-YqK9OQUnPfCQd_I_gyFSyQIVfy8O8nJ1jKIsigU2VDpssj3KoEmSPUeqBsuxP2EtURkvl1mw6BBeH0HzqScCaQbuixpWWWDNDyy-VaYlliQwsbARye5ZzdrbUZThMeUuKCAANXMnS85psG9a0vc0EN47awDOhy7Dy19afWinUkjYDOQ2tdaTOZRncdg-B3llz1KgyId0E-hE2Kmy-8_mA8FyTI7zoictuRqFPpnveJJyVp6Pn8reAbV0zY1Wu4VI_xEk49MTaNHATAB5MZtvNiNLjoYMjSKM4f3rHizs-pXgxeRe1FhnbmectFht71FKR_WThoO-Jl_b7M5QXy0FONDozM_1CK4wwO_scZHgIW-8uMrH2LaxXtQ3xmLPiN3nlilr7nJ0xonAXC1zc2T4u5-dSk8Ojg1TSKpMR1lcBHgEkNtrmrI9OOMOILkROaeQK9TgzMsW3bjaxXiBT89U2qG7-wowMwWEjlL15gp3ULXfHZmTBITQa7Zjv7ESER-H_F0SauJm_8fYJnPTebU3Xel-jXWcLqbOIKG0JmtrAxqCr222VHVQjcyAUu1jNcaIBHyroViKDNxFnQ1z7QJ8WfiIm86yl6UpCWAjdTQaXM_dQZVpOjhqUsnYUmtvPsP8iYlu6NfxIqLzGQDlH_kodw9m3RefGch1zZyRM07zWXiPWyGGRg5kjmMqpFvs6jsr7Wz3VctQwL2bDg2hGJ0axmIDJYiQ7HIFqB6RtUvA535ep5l8xDqZsuSIAO_a97QqfXVNEs05rkAI7yf-Ccp8X7xEWxRllo0iR-WdVm8tudaAL2XcH-Xw4Gak7dj37VAjgZ6kux39KrS5KCeiaGo4ldMWpuTZ-uVj9mXDoIyB-pwAD36icxx7R54UTWG0Bmwx2HEKQdxr8ge9bdJm4LMOqIBxuG2dirRAs-DHwJCkCMmNxwn_03uaMOOAzN6IAHKj2FJPrViY9Q08b25rwC63VrZzakQI3LkMXJheAU5kPp2K7UJ_WdpACxYq_X8Meyw87r5cftZV65wFUHvkO2K9NCwl7HLpaIq0VftnondzDvv4CJ2z6pSCwyFDasL14Q2f4bTmqp1aeyonN6IszbHSYYYYihVYNC30TqgwOEGxpB1CBm0hLUWAgoeBUEqcr3DMZyiKv1G1G18JPeliSJYLobDWoSW5dxaMawK30r1sgXrKh6M--XP9A-hmmvuIIoQoQzv7fvC064B5_3CUqhyzhHVMWhO9f40_EDfYX4zM5Lw2ImUrEuMZToO5C0k9uAuDzrK3CGR15iBXsGGrOT4K9I_yWugcuBOnjM6z-HT_RT3G_xkhCRomW7FCO0_K9CneHiLAJxkuuaycjxOegc6295OVR42Ji8AnPl6VTohpoWciAzk8ZqrTiBON9bQ1MM3HVxeU1foIFJcdT9N3CRZk_C3DeyaPthXbgbNb-2TzlZbpfZJX_5FMnZH4-32l1ezkDcyFn2gUyIBfrGywMxKauLZK2pmvd_0x3Ap5Nk-OqLqsgkgdlSrHwJ9ueSIBbwl93nYDmUbSGGZaNO8dfzJGzlJYFVUTUok26Xp0R0t9uz17yHpeC1HZVSjn6pj8fNDL8PEHDFRp9pb3YVlP4aNuD9i6f2Dofq63RHToGk5ymmmeZQbckEoOtre5jTw2VuqyuYsEPJ9kt0xgib_y0ByAawZ5Aaj1Mv1HgO2uzexqU1zzQg0SE0NoCH-wITcYKotIOXHFJzrnU2LkxqrSMwarOk8zJ6CDYVoXdgApBSz6B5QWMZOAQOXrgo67Fe0uTXirUhdp5ric5JhPkpMiscVuz4UCRHyrau1emMdsB-utF6sADflqCbfDyZKYZyUfEem2yD7dGlEn_uYGhOvRVTjgTMyEcv6Sf8dVocTifh8cJnTFlRk5HxRm3fzonCOXBIoo6K9dGFSVLkuXduAlrDEdJVvTWwGuDpL5csp_-qD9idLlVgaRUR6H4_deyEHxBTwRrpKXkTRYmlcsI40ypdn9yn6HoW7jWvQRrM-sNoAyk3Z4Yxz-FqP7QZxtVkv0Z4D3VkL6d9sonejBbKByK-j4GRKY13gkeUzjkrW89Cp7VqVICOOT9j6V_mupL1i8LfqWF8NfDEBfWMX_o_dEA28IGAPrXtzvNi0OCQCtlI17Z3XqhenM8sQQuzeBMAGZOux6DMbHtq1myoE-gmzP20DRcb9yhw2DjkT4PxzC02HHBcWEtVAUcdyQKgTDtVmmVHxtN5RHiPZiwmqIoRigjX2b5hw&cid=CAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcontrol.kt365.vn%2F&ds=l&xdt=1&iif=1&cor=11007670176126320000&adk=1761367587&idt=95&cac=0&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:20:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 93AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 10:51:18 GMT
expires: Thu, 30 Nov 2023 10:51:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 10:51:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 btzJJPtCi-JsEYrp8vCLaDl2UWUtUoZooX84PkbxxAk.js Show response
pagead2.googlesyndication.com/bg/ Frame ABA4 39 KB
15 KB 32ms
32ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/btzJJPtCi-JsEYrp8vCLaDl2UWUtUoZooX84PkbxxAk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edcc924fb428be26c118ae9f2f08b68397651652d528668a17f383e46f1c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 06:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15007
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 06:26:48 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 4FAB
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1278205/67950628/xbbe/creative/adj?p=APEucNXmMQkSfcOzVuj9BQGa-YJUEb7jMAFxtil5-eGeSZ7HKL2itrc&d=CokBAKAmf-CbfOPU747BWf8VgDSqJiUqiscgXcbE_vg-lm2tYWSxwarsz6N6blM...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXmMQkSfcOzVuj9BQGa-YJUEb7jMAFxtil5-eGeSZ7HKL2itrc&d=CokBAKAmf-CbfOPU747BWf8VgDSqJiUqiscgXcbE_vg-lm2tYWSxwarsz6N6blMKh295eEfS54XRB3Fa1ahsHZziB...

75 KB
26 KB

162ms
67ms

Script
text/javascript

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXmMQkSfcOzVuj9BQGa-YJUEb7jMAFxtil5-eGeSZ7HKL2itrc&d=CokBAKAmf-CbfOPU747BWf8VgDSqJiUqiscgXcbE_vg-lm2tYWSxwarsz6N6blMKh295eEfS54XRB3Fa1ahsHZziB64ziAc_dRD_zhbnh4K3c4D9iY2RLMaUpG-rBnWOw7uL9MBdnj1tYPwnGJf0AwhzzEv2PUo6vNN97nttTDGRk6oBL82SOwdQsN4S-RQAoCZ_4BTO22OLTOIyB5gqRh8NUeVDcHuMPivIhZGEFBy12DCfJHh0p2dGztDIIDudU6EXIgFWS5hihAABv9EuAj7RAhsibiG-Ohw5VhOEQholXCa16qmlTcWPf0c1spT74T1JY8oEhCkGWuFvC7L_kKsj3IGUAPvEYma4QeN03RQ1TSmX_CogCIVrtvNjy1c6qYbqgjFa6A-Y6CnJv7Ol-yt4i5eoKPFWBskvKxx2VM38ot-bedM6gd0_zWgqw5njAZpiqYSoUFL4C_DgITwhhMDS2Zo2rwafAQLor2yQ-UzqxcEo7mE30MDK5FJO7WrMFpLE_CGaVb2PDo7Np_Ccahmd__STjhu1IXw7G4tS3U971CIDTrsM9gpC3YhMUkizssooyJxPxOaAvKGOokiGWePBzrgvrHhHkK6JYxiVvTiNenZlS0T_C7nqcEFMeFqYWLjy9GhoJD2v_AMo8jY0KkaTOr5COy71rbIu10RPy7GcCff9G97QPMsGPsWxsB9DmWDhYCtoZbG1Ia02N_umwUT63iT_cSBVf75goUnPv7GeJk5NLzQXDznweFxcHAhQqWkvjxjoHQrqLi-wQXzb70Gc17vdCBmTrNSoGYbHbADbmOm0zt4NFcXSsO17Je1lxZoCSuxRPDX48_61eT2vmZtxQ01Io0fxuV_WJgAIhVpKRaGiiHJAcr1aRqFLcrVbs_KY_tWJGq54QVRG22eyw-sYbJIz4SUtFjx0Z6Zl0C6eBzbAMUvKZqPAdFnAj5zU6zQc02mbObIn1yB-plTOsfMssQBNzj_z7rzdlBkpOW49GGZOY2xctFWTczqDpOLaTCQno6CE6mdmPWiRh3WHGx7hS6BxViNpJd2LEFoY_trTWK4W1zp2icl802tmD0_-1Uyi0v1yhoU2qlyxqCgmYIWAMl91XL0Qb1BB23o-dsFt2Q1QjjUZrteJ6te6upIY0dadJADG8aAqxqImwShQrC_kS7hkRraLgkkZj5UoRRDHbK_aS0haakHMsdNm6MCiqXs08NwAUbUw6MoBRJk3DHro0POeD5fRrXLaHOJx909PsPXyQVM1duBZKSNd2j_byzwahkj3hyErcZ-5Hs30QYdkwJGF14BpVxu49J6Vlncy8v0ti17JlE4CUKkGX-LPV_WcnvdV6JQvQyyWzsuoZxRjJAYQd8rvOwk56Zp-vM4RCQyjAkMaUnaiMAXGeKLJiGInccHDH9bNsj9tjSh7KjIQEHV7kIw2d6tmLlZyYq3gknYKtjHranXAipxM1DKjG06gLvhsX5Iz3kcd1HFb7_PC2llLmeVCrHFu8I6JAAnTZr7Pq4LEoU4Jhha8rPXKiR2UGNOkCUNVlLzpUwQC2YnXPzj1iuDnKMyrUQvjXg9qX1pDlqDJaTJuT-zDyuD4BY2UDFAMyiV8Z3MMUosP3L_SVKe6hBR4WX9yEjykuM2OV3_pyZl8GxqZlPsJDqOMuY9B4vIltnBvs4hUrjT9e3h8l1jCVTNYnCgwHmTYC0mdlf2-eLaoeXyxu9J0sKHaSMie7jNEsvnE5jD9w3KgRPIxjb0mznIp-Cckolo16k_LLQbwSpSOGSODSk0KVU7olxKOgxCT4UKUp9tcGI5X26rt31JQrw6A_5IOIjBbAmqE8XqUkOnl4E4bOI6XxuCgCRZTJuth4KOWVfuuZhZTWMPRKPFhDP9I7aSknpI3s0_gCWk1l-r78fr5PbC_xAjt4pgb085XIFNsym1SsgQhME-F6e4qBy7USJ5cc6kLB6qFj6ERRzrhnhXO9NTVZMRtFE62-VW5CHgT7rsKI_HcckpD-kPU_wqJmPQ_MSl0RydCYZx_VvhgJgQuqJaFcj9mnZ5srE6E7GFhc3YFhZ2LmjPE2p_kBPuV3gaTlYTaxMU4LAtvzkWNqdyVwdF1dZBvGLm_V1RtG0wqyA0F44oeGMRkjsjaPfM396yRab9AeQZoE3qW21lPp5w3mQjY9-2gWYKOVIHUnKdQJUA1caYJwMidXxJg80YYWU-G2PPcTgtjz3mCn5_1p0nqx8Xi7rIdTcW6ioVV6TOpbd4zKe7TUp9dZm3TviIdksUX9xMXL24pZRIMGfjGYon2uvnZx43uk8nX56GBG0HSn0ohv5il6E3owqjBvMsY3uCbWFdrmoglAaMI1uYWWycLpvXbSIpFrR3O-ybXdB6olzsnTDvhkJbEy1hs2M9enlJqmR8jYJ5p2y0EVrNvVrakTwHaunWYk4OoYNYFOGTUaoV_47_6T0GVOgps83-S-4wrGC7y2V7ic2jcRS3GZQOiTeY0NEqXq6DpkNGc2sHFCjK2vSO2iLWQjDnpNM6ftQyfrLB04uVq_iwbNoYQVdGn0nVYV1t0Y1iDg_ngAub4cMAC3K5nqnWYVhDI-lukDSCz4one_3WC6RPxeLaotubURZsBHXlU2vCC7AB6MyOqB2pzCK3HVAxDkQvMWVE1xJba62CkgwUFFtyfwekJC0UiUueVDPIC50TzV_ieIrDretWSTxStFrHI7TJnSflLHZKGBH2WXmR2-nX-UZIQEP8xltv7uwToICRn6q-4b1eCd-rbIfD5X6rMX4YWpJk-ZTH9NcFhTS8n3N0ojRVe8yRzgI5PmB8MRSNq5UYXwJjE7w5K5rC8eHzbG5DXNSE4bM5s1oFtKa6SyvufYvEBoPi66fZ8HRNK8PKE5yNaQbapXJcwY_RZWl2-X4W0axxu0ef_mgyGbwlehpe_EsGLbxFycjEZzcsQCwc6ppC3yDVepvlH6ClVIvkEu4wF12-R_5yvzk55NAzDvU1tAzrbiPo4qbJN1G232TjrYWPErVgD-sKsCqT9_tK8nwrC3MnGFpr_htGns3AeTr5hfzLYwijFJ4ScN85017SnFky4yvKIOWhPLcyz8-qADRU3BCtW398Un9vgkCHkHOiH5LuTcS32MIz6kI1jwwVl1xRz-L1YccOeUM0wclUoqxu5gjuXWF_f2f12rYseDHzCcoICj1qxLLCBy3MJqKr0i8oFiZ7Ips6onbiEzC2zbFwBnWdDG6maxt-gJ2_XjvDx174pSK34EsDsxhHMYC9Kt1pnzzcK076WlyiEN9VF_wwryin5c7RjK858rKM7NfXIrhC5BP6v3JAaPM6UCxbudrg_T7ExYax_o5WLRx8XlFzbNbZfzxAgxITnkvBsK14uyppTQ74F_wdGJn8U6fyHLGaIKAYzGf50mU1gAhZW0nntpAxcqnkL_Qp9L-Lcnm91FFAiRhEbUnuJDE1lJaWWjla_OJjxQt0giT38evaAsoZjt08Z9ZNmvhRmuohqG5ZyXJqd0n_41OWDo1MPaihvAbVJ4vSod41IRHpqAI2m92Z9_FVJS5Wl5a7zgqnDowTX7bEL75FXE7DJkYFD0clUtcl5qTVTIX6NEAfzD68jCbNJbrQdKp6VOHYlphy5H93BDx6Ta-w_aQ29myw8TUOPj4c0q3ZxoEEfamfSRIEQk_aJq6hJah_8nmTrsuea1LtU8utPln3BiZQFXY4GUIeBjCixca97cgCl2j5Rt8yQpOEJYmJV0tQTiX9OCsVd-fA5rwhzhBpVCAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAWAB&cry=1&bundleId=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

88b9853e40b2d8fede5a06b5fc90fc7f89469582ddf9a97a06f343e3eaf90cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: nginx
x-server-name: app13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXmMQkSfcOzVuj9BQGa-YJUEb7jMAFxtil5-eGeSZ7HKL2itrc&d=CokBAKAmf-CbfOPU747BWf8VgDSqJiUqiscgXcbE_vg-lm2tYWSxwarsz6N6blMKh295eEfS54XRB3Fa1ahsHZziB64ziAc_dRD_zhbnh4K3c4D9iY2RLMaUpG-rBnWOw7uL9MBdnj1tYPwnGJf0AwhzzEv2PUo6vNN97nttTDGRk6oBL82SOwdQsN4S-RQAoCZ_4BTO22OLTOIyB5gqRh8NUeVDcHuMPivIhZGEFBy12DCfJHh0p2dGztDIIDudU6EXIgFWS5hihAABv9EuAj7RAhsibiG-Ohw5VhOEQholXCa16qmlTcWPf0c1spT74T1JY8oEhCkGWuFvC7L_kKsj3IGUAPvEYma4QeN03RQ1TSmX_CogCIVrtvNjy1c6qYbqgjFa6A-Y6CnJv7Ol-yt4i5eoKPFWBskvKxx2VM38ot-bedM6gd0_zWgqw5njAZpiqYSoUFL4C_DgITwhhMDS2Zo2rwafAQLor2yQ-UzqxcEo7mE30MDK5FJO7WrMFpLE_CGaVb2PDo7Np_Ccahmd__STjhu1IXw7G4tS3U971CIDTrsM9gpC3YhMUkizssooyJxPxOaAvKGOokiGWePBzrgvrHhHkK6JYxiVvTiNenZlS0T_C7nqcEFMeFqYWLjy9GhoJD2v_AMo8jY0KkaTOr5COy71rbIu10RPy7GcCff9G97QPMsGPsWxsB9DmWDhYCtoZbG1Ia02N_umwUT63iT_cSBVf75goUnPv7GeJk5NLzQXDznweFxcHAhQqWkvjxjoHQrqLi-wQXzb70Gc17vdCBmTrNSoGYbHbADbmOm0zt4NFcXSsO17Je1lxZoCSuxRPDX48_61eT2vmZtxQ01Io0fxuV_WJgAIhVpKRaGiiHJAcr1aRqFLcrVbs_KY_tWJGq54QVRG22eyw-sYbJIz4SUtFjx0Z6Zl0C6eBzbAMUvKZqPAdFnAj5zU6zQc02mbObIn1yB-plTOsfMssQBNzj_z7rzdlBkpOW49GGZOY2xctFWTczqDpOLaTCQno6CE6mdmPWiRh3WHGx7hS6BxViNpJd2LEFoY_trTWK4W1zp2icl802tmD0_-1Uyi0v1yhoU2qlyxqCgmYIWAMl91XL0Qb1BB23o-dsFt2Q1QjjUZrteJ6te6upIY0dadJADG8aAqxqImwShQrC_kS7hkRraLgkkZj5UoRRDHbK_aS0haakHMsdNm6MCiqXs08NwAUbUw6MoBRJk3DHro0POeD5fRrXLaHOJx909PsPXyQVM1duBZKSNd2j_byzwahkj3hyErcZ-5Hs30QYdkwJGF14BpVxu49J6Vlncy8v0ti17JlE4CUKkGX-LPV_WcnvdV6JQvQyyWzsuoZxRjJAYQd8rvOwk56Zp-vM4RCQyjAkMaUnaiMAXGeKLJiGInccHDH9bNsj9tjSh7KjIQEHV7kIw2d6tmLlZyYq3gknYKtjHranXAipxM1DKjG06gLvhsX5Iz3kcd1HFb7_PC2llLmeVCrHFu8I6JAAnTZr7Pq4LEoU4Jhha8rPXKiR2UGNOkCUNVlLzpUwQC2YnXPzj1iuDnKMyrUQvjXg9qX1pDlqDJaTJuT-zDyuD4BY2UDFAMyiV8Z3MMUosP3L_SVKe6hBR4WX9yEjykuM2OV3_pyZl8GxqZlPsJDqOMuY9B4vIltnBvs4hUrjT9e3h8l1jCVTNYnCgwHmTYC0mdlf2-eLaoeXyxu9J0sKHaSMie7jNEsvnE5jD9w3KgRPIxjb0mznIp-Cckolo16k_LLQbwSpSOGSODSk0KVU7olxKOgxCT4UKUp9tcGI5X26rt31JQrw6A_5IOIjBbAmqE8XqUkOnl4E4bOI6XxuCgCRZTJuth4KOWVfuuZhZTWMPRKPFhDP9I7aSknpI3s0_gCWk1l-r78fr5PbC_xAjt4pgb085XIFNsym1SsgQhME-F6e4qBy7USJ5cc6kLB6qFj6ERRzrhnhXO9NTVZMRtFE62-VW5CHgT7rsKI_HcckpD-kPU_wqJmPQ_MSl0RydCYZx_VvhgJgQuqJaFcj9mnZ5srE6E7GFhc3YFhZ2LmjPE2p_kBPuV3gaTlYTaxMU4LAtvzkWNqdyVwdF1dZBvGLm_V1RtG0wqyA0F44oeGMRkjsjaPfM396yRab9AeQZoE3qW21lPp5w3mQjY9-2gWYKOVIHUnKdQJUA1caYJwMidXxJg80YYWU-G2PPcTgtjz3mCn5_1p0nqx8Xi7rIdTcW6ioVV6TOpbd4zKe7TUp9dZm3TviIdksUX9xMXL24pZRIMGfjGYon2uvnZx43uk8nX56GBG0HSn0ohv5il6E3owqjBvMsY3uCbWFdrmoglAaMI1uYWWycLpvXbSIpFrR3O-ybXdB6olzsnTDvhkJbEy1hs2M9enlJqmR8jYJ5p2y0EVrNvVrakTwHaunWYk4OoYNYFOGTUaoV_47_6T0GVOgps83-S-4wrGC7y2V7ic2jcRS3GZQOiTeY0NEqXq6DpkNGc2sHFCjK2vSO2iLWQjDnpNM6ftQyfrLB04uVq_iwbNoYQVdGn0nVYV1t0Y1iDg_ngAub4cMAC3K5nqnWYVhDI-lukDSCz4one_3WC6RPxeLaotubURZsBHXlU2vCC7AB6MyOqB2pzCK3HVAxDkQvMWVE1xJba62CkgwUFFtyfwekJC0UiUueVDPIC50TzV_ieIrDretWSTxStFrHI7TJnSflLHZKGBH2WXmR2-nX-UZIQEP8xltv7uwToICRn6q-4b1eCd-rbIfD5X6rMX4YWpJk-ZTH9NcFhTS8n3N0ojRVe8yRzgI5PmB8MRSNq5UYXwJjE7w5K5rC8eHzbG5DXNSE4bM5s1oFtKa6SyvufYvEBoPi66fZ8HRNK8PKE5yNaQbapXJcwY_RZWl2-X4W0axxu0ef_mgyGbwlehpe_EsGLbxFycjEZzcsQCwc6ppC3yDVepvlH6ClVIvkEu4wF12-R_5yvzk55NAzDvU1tAzrbiPo4qbJN1G232TjrYWPErVgD-sKsCqT9_tK8nwrC3MnGFpr_htGns3AeTr5hfzLYwijFJ4ScN85017SnFky4yvKIOWhPLcyz8-qADRU3BCtW398Un9vgkCHkHOiH5LuTcS32MIz6kI1jwwVl1xRz-L1YccOeUM0wclUoqxu5gjuXWF_f2f12rYseDHzCcoICj1qxLLCBy3MJqKr0i8oFiZ7Ips6onbiEzC2zbFwBnWdDG6maxt-gJ2_XjvDx174pSK34EsDsxhHMYC9Kt1pnzzcK076WlyiEN9VF_wwryin5c7RjK858rKM7NfXIrhC5BP6v3JAaPM6UCxbudrg_T7ExYax_o5WLRx8XlFzbNbZfzxAgxITnkvBsK14uyppTQ74F_wdGJn8U6fyHLGaIKAYzGf50mU1gAhZW0nntpAxcqnkL_Qp9L-Lcnm91FFAiRhEbUnuJDE1lJaWWjla_OJjxQt0giT38evaAsoZjt08Z9ZNmvhRmuohqG5ZyXJqd0n_41OWDo1MPaihvAbVJ4vSod41IRHpqAI2m92Z9_FVJS5Wl5a7zgqnDowTX7bEL75FXE7DJkYFD0clUtcl5qTVTIX6NEAfzD68jCbNJbrQdKp6VOHYlphy5H93BDx6Ta-w_aQ29myw8TUOPj4c0q3ZxoEEfamfSRIEQk_aJq6hJah_8nmTrsuea1LtU8utPln3BiZQFXY4GUIeBjCixca97cgCl2j5Rt8yQpOEJYmJV0tQTiX9OCsVd-fA5rwhzhBpVCAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAWAB&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame FD4B 91 KB
23 KB 148ms
27ms Script
application/javascript 2600:9000:247b:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 10567539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: bYzO8yPSDPKGrzy6UN5slpRuHk6gHMHec859M-bitxWlCCICoFlvKw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FAB 43 B
215 B 245ms
81ms Image
image/gif 2600:1f13:800:7782:b16c:a2b7:3125:e914
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=3a56eb6a-9dcf-5017-40cc-bd124b76c942&tv=%7Bc:vpjWfX,pingTime:-3,time:88,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:30%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b16c:a2b7:3125:e914 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FAB 43 B
215 B 239ms
80ms Image
image/gif 2600:1f13:800:7782:b16c:a2b7:3125:e914
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=3a56eb6a-9dcf-5017-40cc-bd124b76c942&tv=%7Bc:vpjWfZ,pingTime:-6,time:90,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:90,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:30%7D&tpiLookup=ao:control.kt365.vn*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b16c:a2b7:3125:e914 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3111 0
0 52ms
51ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231128&jk=3859106931910365&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FAB 43 B
216 B 200ms
79ms Image
image/gif 2600:1f13:800:7782:b16c:a2b7:3125:e914
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=3a56eb6a-9dcf-5017-40cc-bd124b76c942&tv=%7Bc:vpjWgF,pingTime:-2,time:132,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:522,beZ:523,mfA:527,cmA:528,inA:528,inZ:533,prA:534,prZ:544,si:551,poA:553,poZ:583,cmZ:583,mfZ:583,loA:612,loZ:615,ltA:653,ltZ:653%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:30,sinceFw:99,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b16c:a2b7:3125:e914 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:18 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 btzJJPtCi-JsEYrp8vCLaDl2UWUtUoZooX84PkbxxAk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6133 39 KB
15 KB 27ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/btzJJPtCi-JsEYrp8vCLaDl2UWUtUoZooX84PkbxxAk.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edcc924fb428be26c118ae9f2f08b68397651652d528668a17f383e46f1c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 06:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15007
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 06:26:48 GMT

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 90DB 39 KB
15 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 05:14:15 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B0C6 38 KB
13 KB 42ms
24ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 486814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 19:37:44 GMT
expires: Sat, 23 Nov 2024 19:37:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame F25C 39 KB
15 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 05:14:15 GMT

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame B0C6 39 KB
15 KB 30ms
30ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 05:14:15 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4FAB 172 KB
60 KB 84ms
25ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 03:55:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 4FAB 11 KB
4 KB 32ms
32ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1278205/67950628/xbbe/creative/adj?p=APEucNXmMQkSfcOzVuj9BQGa-YJUEb7jMAFxtil5-eGeSZ7HKL2itrc&d=CokBAKAmf-CbfOPU747BWf8VgDSqJiUqiscgXcbE_vg-lm2tYWSxwarsz6N6blMKh295eEfS54XRB3Fa1ahsHZziB64ziAc_dRD_zhbnh4K3c4D9iY2RLMaUpG-rBnWOw7uL9MBdnj1tYPwnGJf0AwhzzEv2PUo6vNN97nttTDGRk6oBL82SOwdQsN4S-RQAoCZ_4BTO22OLTOIyB5gqRh8NUeVDcHuMPivIhZGEFBy12DCfJHh0p2dGztDIIDudU6EXIgFWS5hihAABv9EuAj7RAhsibiG-Ohw5VhOEQholXCa16qmlTcWPf0c1spT74T1JY8oEhCkGWuFvC7L_kKsj3IGUAPvEYma4QeN03RQ1TSmX_CogCIVrtvNjy1c6qYbqgjFa6A-Y6CnJv7Ol-yt4i5eoKPFWBskvKxx2VM38ot-bedM6gd0_zWgqw5njAZpiqYSoUFL4C_DgITwhhMDS2Zo2rwafAQLor2yQ-UzqxcEo7mE30MDK5FJO7WrMFpLE_CGaVb2PDo7Np_Ccahmd__STjhu1IXw7G4tS3U971CIDTrsM9gpC3YhMUkizssooyJxPxOaAvKGOokiGWePBzrgvrHhHkK6JYxiVvTiNenZlS0T_C7nqcEFMeFqYWLjy9GhoJD2v_AMo8jY0KkaTOr5COy71rbIu10RPy7GcCff9G97QPMsGPsWxsB9DmWDhYCtoZbG1Ia02N_umwUT63iT_cSBVf75goUnPv7GeJk5NLzQXDznweFxcHAhQqWkvjxjoHQrqLi-wQXzb70Gc17vdCBmTrNSoGYbHbADbmOm0zt4NFcXSsO17Je1lxZoCSuxRPDX48_61eT2vmZtxQ01Io0fxuV_WJgAIhVpKRaGiiHJAcr1aRqFLcrVbs_KY_tWJGq54QVRG22eyw-sYbJIz4SUtFjx0Z6Zl0C6eBzbAMUvKZqPAdFnAj5zU6zQc02mbObIn1yB-plTOsfMssQBNzj_z7rzdlBkpOW49GGZOY2xctFWTczqDpOLaTCQno6CE6mdmPWiRh3WHGx7hS6BxViNpJd2LEFoY_trTWK4W1zp2icl802tmD0_-1Uyi0v1yhoU2qlyxqCgmYIWAMl91XL0Qb1BB23o-dsFt2Q1QjjUZrteJ6te6upIY0dadJADG8aAqxqImwShQrC_kS7hkRraLgkkZj5UoRRDHbK_aS0haakHMsdNm6MCiqXs08NwAUbUw6MoBRJk3DHro0POeD5fRrXLaHOJx909PsPXyQVM1duBZKSNd2j_byzwahkj3hyErcZ-5Hs30QYdkwJGF14BpVxu49J6Vlncy8v0ti17JlE4CUKkGX-LPV_WcnvdV6JQvQyyWzsuoZxRjJAYQd8rvOwk56Zp-vM4RCQyjAkMaUnaiMAXGeKLJiGInccHDH9bNsj9tjSh7KjIQEHV7kIw2d6tmLlZyYq3gknYKtjHranXAipxM1DKjG06gLvhsX5Iz3kcd1HFb7_PC2llLmeVCrHFu8I6JAAnTZr7Pq4LEoU4Jhha8rPXKiR2UGNOkCUNVlLzpUwQC2YnXPzj1iuDnKMyrUQvjXg9qX1pDlqDJaTJuT-zDyuD4BY2UDFAMyiV8Z3MMUosP3L_SVKe6hBR4WX9yEjykuM2OV3_pyZl8GxqZlPsJDqOMuY9B4vIltnBvs4hUrjT9e3h8l1jCVTNYnCgwHmTYC0mdlf2-eLaoeXyxu9J0sKHaSMie7jNEsvnE5jD9w3KgRPIxjb0mznIp-Cckolo16k_LLQbwSpSOGSODSk0KVU7olxKOgxCT4UKUp9tcGI5X26rt31JQrw6A_5IOIjBbAmqE8XqUkOnl4E4bOI6XxuCgCRZTJuth4KOWVfuuZhZTWMPRKPFhDP9I7aSknpI3s0_gCWk1l-r78fr5PbC_xAjt4pgb085XIFNsym1SsgQhME-F6e4qBy7USJ5cc6kLB6qFj6ERRzrhnhXO9NTVZMRtFE62-VW5CHgT7rsKI_HcckpD-kPU_wqJmPQ_MSl0RydCYZx_VvhgJgQuqJaFcj9mnZ5srE6E7GFhc3YFhZ2LmjPE2p_kBPuV3gaTlYTaxMU4LAtvzkWNqdyVwdF1dZBvGLm_V1RtG0wqyA0F44oeGMRkjsjaPfM396yRab9AeQZoE3qW21lPp5w3mQjY9-2gWYKOVIHUnKdQJUA1caYJwMidXxJg80YYWU-G2PPcTgtjz3mCn5_1p0nqx8Xi7rIdTcW6ioVV6TOpbd4zKe7TUp9dZm3TviIdksUX9xMXL24pZRIMGfjGYon2uvnZx43uk8nX56GBG0HSn0ohv5il6E3owqjBvMsY3uCbWFdrmoglAaMI1uYWWycLpvXbSIpFrR3O-ybXdB6olzsnTDvhkJbEy1hs2M9enlJqmR8jYJ5p2y0EVrNvVrakTwHaunWYk4OoYNYFOGTUaoV_47_6T0GVOgps83-S-4wrGC7y2V7ic2jcRS3GZQOiTeY0NEqXq6DpkNGc2sHFCjK2vSO2iLWQjDnpNM6ftQyfrLB04uVq_iwbNoYQVdGn0nVYV1t0Y1iDg_ngAub4cMAC3K5nqnWYVhDI-lukDSCz4one_3WC6RPxeLaotubURZsBHXlU2vCC7AB6MyOqB2pzCK3HVAxDkQvMWVE1xJba62CkgwUFFtyfwekJC0UiUueVDPIC50TzV_ieIrDretWSTxStFrHI7TJnSflLHZKGBH2WXmR2-nX-UZIQEP8xltv7uwToICRn6q-4b1eCd-rbIfD5X6rMX4YWpJk-ZTH9NcFhTS8n3N0ojRVe8yRzgI5PmB8MRSNq5UYXwJjE7w5K5rC8eHzbG5DXNSE4bM5s1oFtKa6SyvufYvEBoPi66fZ8HRNK8PKE5yNaQbapXJcwY_RZWl2-X4W0axxu0ef_mgyGbwlehpe_EsGLbxFycjEZzcsQCwc6ppC3yDVepvlH6ClVIvkEu4wF12-R_5yvzk55NAzDvU1tAzrbiPo4qbJN1G232TjrYWPErVgD-sKsCqT9_tK8nwrC3MnGFpr_htGns3AeTr5hfzLYwijFJ4ScN85017SnFky4yvKIOWhPLcyz8-qADRU3BCtW398Un9vgkCHkHOiH5LuTcS32MIz6kI1jwwVl1xRz-L1YccOeUM0wclUoqxu5gjuXWF_f2f12rYseDHzCcoICj1qxLLCBy3MJqKr0i8oFiZ7Ips6onbiEzC2zbFwBnWdDG6maxt-gJ2_XjvDx174pSK34EsDsxhHMYC9Kt1pnzzcK076WlyiEN9VF_wwryin5c7RjK858rKM7NfXIrhC5BP6v3JAaPM6UCxbudrg_T7ExYax_o5WLRx8XlFzbNbZfzxAgxITnkvBsK14uyppTQ74F_wdGJn8U6fyHLGaIKAYzGf50mU1gAhZW0nntpAxcqnkL_Qp9L-Lcnm91FFAiRhEbUnuJDE1lJaWWjla_OJjxQt0giT38evaAsoZjt08Z9ZNmvhRmuohqG5ZyXJqd0n_41OWDo1MPaihvAbVJ4vSod41IRHpqAI2m92Z9_FVJS5Wl5a7zgqnDowTX7bEL75FXE7DJkYFD0clUtcl5qTVTIX6NEAfzD68jCbNJbrQdKp6VOHYlphy5H93BDx6Ta-w_aQ29myw8TUOPj4c0q3ZxoEEfamfSRIEQk_aJq6hJah_8nmTrsuea1LtU8utPln3BiZQFXY4GUIeBjCixca97cgCl2j5Rt8yQpOEJYmJV0tQTiX9OCsVd-fA5rwhzhBpVCAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1009806384&ias_pubId=pub-5195111790972465&ias_chanId=1&ias_placementId=19084107325&bidurl=https://control.kt365.vn/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h9wdwoL2XM5vJZ3ooz-NZ4&adsafe_url=https%3A%2F%2Fcontrol.kt365.vn&adsafe_type=g&adsafe_url=https%3A%2F%2Fcontrol.kt365.vn%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231128%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231128%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5195111790972465%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:3a56eb6a-9dcf-5017-40cc-bd124b76c942,c:vpjWeZ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5f456796bd-76hvr,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:63ed13e3-8f6e-11ee-b15e-aee8fee76817,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:48:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 4FAB 31 KB
12 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:48:38 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/7091666154781430795/ Frame 21DC 2 KB
794 B 46ms
40ms Document
text/html 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060fb5543721dd6723e071e1362f80ffa5794febc2b22e2f17173b2f57a480fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 657
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 10:51:18 GMT
expires: Fri, 29 Nov 2024 10:51:18 GMT
last-modified: Thu, 02 Nov 2023 18:57:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4FAB 0
0 57ms
57ms Fetch
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssdJghjP20KdG5S6MXiCuNQqrmHiIb8ka_7eVahqJmy1OC64tmIDu65IfuXGGOZ9hOMLIYm_0i-mU8-94zADZAwUpQcO_hg4CMbmXMjfeKedNk5fXTcLlWVo8sLKG9wIzCZ_cv7gsiAXRkOsk3wuHqVMY8AlUhRIickMuyZWx6OW_2_8iKgTuyYSWyFc0OIsRr9krQzXhy-D6LYwQ&sai=AMfl-YSRNJ--3Ffx2md1vXXADSuBCc3ADaRlh5MDLSoRBlf8Q36XO_HX1xmEUN9kMo17o2D25ZKmaqNQqgECYpOLv5bIbTC9xIZoiTSasCKJ1wcruS3rPMqSlwaDi6KguWuZKzfJW3Ax8d9A2mV6&sig=Cg0ArKJSzAIo9CDwp-5pEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9qZWVwLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=201&cbvp=1&cstd=180&cisv=r20231128.00639&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 74408
stags.bluekai.com/site/ Frame 4FAB 62 B
599 B 193ms
126ms Image
image/gif 23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/74408?phint=event%3Dimp&phint=cid%3D29045561&phint=dcmsite%3D5176513&phint=placement%3D353961286&phint=crid%3D186959958&phint=adversion%3D555336773
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 30 Nov 2023 10:51:19 GMT
content-length: 62
bk-server: c4d2
content-type: image/gif

GET
H2 200 view
tpt.mediaplex.com/event/etc/ Frame 4FAB 43 B
323 B 461ms
53ms Image
image/gif 2606:ae80:1451:17::1400
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpt.mediaplex.com/event/etc/view?vndr%5Fid=2522&vndr%5Fname=Stellantis%20-%20Mediaplex&comp%5Fid=80602&campaign%5Fid=100828&dvc%5Fid=&ggl%5Fplay%5Fid=&idfa=&advid=9149668&bid=29045561&sid=5176513&pid=353961286&adid=555336773&cid=186959958&cachebuster=[timestamp]%22style=%22width:1px
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1451:17::1400 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:19 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: image/gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 43
expires: 0

GET
H2 200 main.css
s0.2mdn.net/sadbundle/7091666154781430795/ Frame 21DC 6 KB
3 KB 41ms
38ms Stylesheet
text/css 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7091666154781430795/main.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c22b28bf223946d1cdcf092a3398913d9ebe5146cd683e9627fca9195925fd8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2601
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:57:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Nov 2024 17:10:56 GMT

GET
H2 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 21DC 120 KB
41 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 00:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 00:03:34 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 21DC 57 KB
23 KB 42ms
40ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 10:51:18 GMT

GET
H2 200 main.js Show response
s0.2mdn.net/sadbundle/7091666154781430795/ Frame 21DC 22 KB
6 KB 40ms
39ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7091666154781430795/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18574ce7dd02669054cf459a898c599338aa774efaf02f78c3945656061d88e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 19:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6495
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:57:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 19:23:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 90DB 0
10 B 25ms
23ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?754I7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FAB 43 B
215 B 83ms
73ms Image
image/gif 2600:1f13:800:7782:b16c:a2b7:3125:e914
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=3a56eb6a-9dcf-5017-40cc-bd124b76c942&tv=%7Bc:vpjWuk,pingTime:-10,time:979,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701341479256%7C%7Cb9068345b8e6ea3412a91d29c8dbbba0%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C4cd469d13009a56e266e0af62bdfd0e8%7C%7Cf7be2b9e28657ebaad5bfc69a77e71af%7C%7C5c5531bfea4ab832780d7bd0543fc0c5%7C%7C8109ac8f05d49778a38bf1acb97b6b2f%7C%7C9866d5e87ef97d3326cdbfbc337e727a%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b16c:a2b7:3125:e914 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:19 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 all.png
s0.2mdn.net/sadbundle/7091666154781430795/ Frame 21DC 31 KB
31 KB 32ms
30ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7091666154781430795/all.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5ab6cb464fc3b6b180f10e992d7ad6e7caafacb2d33d34061cd8ef208523bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:50:55 GMT
x-content-type-options: nosniff
age: 212424
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:57:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 23:50:55 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4FAB 0
0 88ms
84ms Fetch
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssdJghjP20KdG5S6MXiCuNQqrmHiIb8ka_7eVahqJmy1OC64tmIDu65IfuXGGOZ9hOMLIYm_0i-mU8-94zADZAwUpQcO_hg4CMbmXMjfeKedNk5fXTcLlWVo8sLKG9wIzCZ_cv7gsiAXRkOsk3wuHqVMY8AlUhRIickMuyZWx6OW_2_8iKgTuyYSWyFc0OIsRr9krQzXhy-D6LYwQ&sai=AMfl-YSRNJ--3Ffx2md1vXXADSuBCc3ADaRlh5MDLSoRBlf8Q36XO_HX1xmEUN9kMo17o2D25ZKmaqNQqgECYpOLv5bIbTC9xIZoiTSasCKJ1wcruS3rPMqSlwaDi6KguWuZKzfJW3Ax8d9A2mV6&sig=Cg0ArKJSzAIo9CDwp-5pEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9qZWVwLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=603&vt=11&dtpt=402&dett=3&cstd=180&cisv=r20231128.00639&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: control.kt365.vn
URL: https://control.kt365.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 21DC 8 KB
6 KB 59ms
53ms XHR
application/json 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fc3631401161c70c325a4c94d97f6994e15817296c917d1a2e79f3b7682ab12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5820
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E88 42 B
64 B 56ms
56ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTZdITHBdvNouEqIXFrjNBHe8DvCCzv0ra_3RjFq6trP-jmC0yFmrOf-zF-iy0prhu3Pfxqzifr5GFkUiQLtTaHvh3f_oPua8v-xH4VDywXPk7JtEShqOQ9_CHq1U4bJeO4ZkyEe3XGRFY&sai=AMfl-YTlQJNL0Q99JQz6BHY-1xW46V1478TsN6PmGDHugKS10PMFSPkgi2Kbp_shnBmejp6ddvdn0HId6eKjVXv0NvzZOkayCnuJLw9iiZumNNNMuUDcnSx_QySJN2e-KCPHS-2mA_V_THmbIh8W-Goj-afy52gn9ajtZ6VQ&sig=Cg0ArKJSzKD-s9pHmHq3EAE&cid=CAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAQ&id=lidar2&mcvt=1060&p=0,0,90,728&mtos=707,1060,1060,1060,1060&tos=707,353,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701341477784&rpt=589&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4FAB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1aeb7efa3044f68632c9d05da48ee89b799045b16679abd8eace756b26b08bf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 21DC 17 KB
6 KB 57ms
56ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 10:51:19 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/7091666154781430795/ Frame 21DC 40 KB
40 KB 35ms
33ms Image
image/jpeg 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7091666154781430795/bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d814a8cd9d6ec963c583d47b78a8c8f4d8f822e4be049bffd0ab958d872cc3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:56 GMT
x-content-type-options: nosniff
age: 63623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40858
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:57:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Nov 2024 17:10:56 GMT

GET
H3 200 all.png
s0.2mdn.net/sadbundle/7091666154781430795/ Frame 21DC 31 KB
31 KB 27ms
25ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7091666154781430795/all.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5ab6cb464fc3b6b180f10e992d7ad6e7caafacb2d33d34061cd8ef208523bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:50:55 GMT
x-content-type-options: nosniff
age: 212424
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:57:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 23:50:55 GMT

GET
H3 200 grid.png
s0.2mdn.net/sadbundle/7091666154781430795/ Frame 21DC 7 KB
7 KB 49ms
47ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7091666154781430795/grid.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81b3585410702323b271c60fac814f9123f14b3d2ecf5d91dad7f0e3ec3b473b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:53 GMT
x-content-type-options: nosniff
age: 62966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6859
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:57:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Nov 2024 17:21:53 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/7091666154781430795/ Frame 21DC 4 KB
4 KB 50ms
48ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7091666154781430795/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

157086b9655d6809e72cc067c10c7fb66138b8f9d7db02cd5829a5b3dc0acc92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7091666154781430795/index.html?e=69&leftOffset=0&topOffset=0&c=5GrBNcHaXW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:47:24 GMT
x-content-type-options: nosniff
age: 133435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3627
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:57:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 21:47:24 GMT

GET
DATA 200
OK truncated
/ Frame 21DC 1015 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 067d0bd30358c7a31e4f42ded3dfa16e316004889d0df81ce5288f36e52ade72

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F25C 0
20 B 57ms
55ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bu7ReJGloZZTTIsWyoPMP9ZeA6AoAAAAAOAHgBAI&bg=!t7SltPvNAAaGYW-ApmE7ADQBe5WfOJSWUENILhy-m0XwJqmecfI6deD58Izv6R2aW-NgrXEBmmY1pQLDs_NpDR7_hWifAgAAAulSAAAACWgBBwoASvlkmoALAI4MHPyWC2boifbeFhGDR6AuvMZB8HSmSY9xP1BRbBQl2PZAZHQ3cWHjOI_cQ5aCuyGR5JzQwzc4XM1-Cd1Ckh6NYE8RmQMR9fZ4IAHgDAmP8kJ3koKYuBZHfeD58kl0zTYerXTDohpmf92T36oWGmAcmB9dGUIbppf1wB_vLAhSe_WA-qnXQPxDkjWBytTWsb0C4GDJEkPed-n0VcutYDDxs1z1rCY6zLVbDYo9uAL5K5pxKI9G_8AD63FpxgqHCzwm7AG5DcE_X25tzhBz9B7LreB2_pMV4e3WdqZRvEajvcjPIc_Qgl5abBpv-2sSY1nlRLS08ziDrNqlTxllKcbdP_LsByzNIj78l2STYEDodeYW1gSbFWr4uOfZAWHvZYvEfi3d5d-wT4vzv73MEV98lUsvlvvsmfkeE4Z-P5eYIZwUM54Y0nrvIf4qpj6RsYslusgqrouLDCcxIhR1s9cmqip_xuNj4gz02aibQCXV9eBv-Aa3trGQliE1BRv6PIMPoevnIflW1iIl-FyEErDMRMEId1iCdW1jWbcuIeKzLJmzfJ49Cf-nY2AQeCRFQtji_ToN9QCtfThypJwIWt1d8GlzXBbKqByKShKsQD5MZ0J3qrtoV74F0DkWmRdwpT2idBckfTlzio_o1x1HBb-93tEqyteFC4YXqLqkV-wjnJd8lzFBVZ1kFEZtHZ8Q_rGKZ52V2RBpAlPGS6Hq9U1QCrso_EmlzoVAU9j2iVsjw0KO69rUvSMUTbE8rKL3JnFogxH666AV5UDGWrYJ3Wu5H7RaYE3bsG8BweO1JtfUK2saf8RjRydmfGwop8HjrQZZzpxwq1lpWylVQGNAKW0iZhHeOvh7pBM-lae7OglS7WAoUPCL0zjc1RjTL_14j1KqW9VaN4MW2uslex7_NjCrs2XvtrgrQjVv1QHBTkST2V-Jk2SoUMv-rCQaETCMfcflm7TNVSF-7iaSFqXDNrBY5lM8djEvrlcOp_nzZoV0IlE86jaZGKntcyVJWbsFxE6xe7P9SHTLMGSsuQW3VjqMGjIQO4hyf7ohwNQS8mNR5nEWpzs4bv7jLNE7KPK6cNmk77q-sd0bjsOfphjMMShm6R9UOxcR8voGVH-jPyG-jo8FDDjcjcs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0C6 0
20 B 54ms
54ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXJ2DJWloZdvAPOygoPMP7pia4A8AAAAAOAHgBAI&bg=!RkWlRQrNAAaGYW-ApmE7ADQBe5WfOCROIu5iEcjB4ZdkRKqbL0OIPG3xlhK9KXX5_ST4bmM0pas2tOnEt61zaTcN9j3tAgAAAuJSAAAABWgBBwoABTYHBiKTmQMCCafCBgmIvhe8MtReYYLeitgys9EQQ86F-iR-oOgntt8vld1YcEzXq9o0o4WVUdGMyHH5rW2t72YYddOxuzpTipE7sb8_Pm_dfamn1wJbykj7ln2CSLwITHUWisDvTjv4bIxKGRame0CRWhGqcX5gUDJMdtMOPnMPGFEaMQkeztdl4qgalCFNgU_yRMNDfFn9ggFuxxtr1bIlZb9AyvHSQoMEuDIIreg1LbCx-_7ka0b9Vj0KwrwGOTNXEZ14RV3jvVQH1iEOLykx39Si_J6o2_os-hdZpkRapeXMMJHWob7ArAtFza3D4Oa9_Yl_PDOeSUSGI9SV2Rm9lNm3ceJ8e9vQXCno9hie4rTXyFdQXOv411a8jq6NotTwlu411HRP2fJMKcvSrtztUR5myMRQ5JIxtXSdMTWEStwj99PLyV7XFFHgW3YopjEmqkCLb_kdU3FDatDZ4D7mWGqQr8FiCBCfHTtjsPNrlezJAMly1Qt_33sMRaacM9gtcnRM_nt5Rolp5e6leiU4CU4SGE9tfiFGGZtzSfsFkGrqSTIOep81ZkCUAsIoy1nSMiHO9QG_lM3UWXqaeLkUHsl50yjl7E265ADw98r-zBP9PY7EQSp9-KJ7sjupSR9y7YW2xBBL1Oz5lTtoNhR286qr-17fS2M5ADoBQXoryXoHwCpfW5nzwbPSMGBNkudAXlVXBBF4nmVNs4O7emZxmvDSLOeUWJ_sAvkdTgoFY11n8T8-CzynK6XlfEwvEKpMV4u7TYaO-L2TaBnrmv8XTXqQuHoLhUvC4EYbv2NnaEXIEoez-kx1Ew6kTmotie1nVDPhUTcbPTMJGxraHB3AsSeRUYCiPt4bJkazMLePwVGAyEpjQb0hpoyzY9ILLhs87tZiBCqA9mQ8q1jtXjfpvoOwH_wc9f9OALh5LiKYmuCUhNYeoy_1xsRTkb-9kaHPk08BAUEmUUBLWT_s7iloYdkQP4PzagNg5YudkOwqE3aR_ad4TRh-FYMY5RJ9DnCh5eG698y9vok

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5819 39 KB
15 KB 24ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 05:14:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FAB 43 B
215 B 74ms
74ms Image
image/gif 2600:1f13:800:7782:b16c:a2b7:3125:e914
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=3a56eb6a-9dcf-5017-40cc-bd124b76c942&tv=%7Bc:vpjWDP,time:1568,type:e,im:%7Bpci:%7Btdr:1507%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1568,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1559~0%5D,as:%5B1240~0.0,319~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:168,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:30,sis:386%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b16c:a2b7:3125:e914 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:19 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231128&jk=3859106931910365&bg=!X1ylXBPNAAaGYW-ApmE7ADQBe5WfODEwOKBwVIecS-75sMzF1ZmqB1vnDYgJkqCjqqeE74rRAq52LZbMo-kgkyxU9yPaAgAAAr1SAAAABmgBB5kCuLiq9HxbFq8Czvp9sNriPAxxfwMXBSTtSS1vq7H8HpEFk4FjN7Fy99_0ZlZXI7h6Dkdx4JAYC3N5L7sxf-POtTql6qr0V3Dg3ywUE-joZ_nCYuaweC0pgZpQwDRNt25r0AnS3rGwJEsp3bC_YtXm6ZmfxRPwWjwNTde5eStSx52rV58adKe2zwaNLFDwjLjdvt51vSMf9FUy2MyxUQ1lT4cgRkLCoGOvsyVHm9w-KhzNK8j5lTuF_tLwVj1I-uxE2hlvbUsNN5kxqpR6pI1b9LeQ5IyvRnX9l81hk6AaEzoPblkZTQGBVYIMwZ9bjyf_ffv_SZA4F4opq5f75xr1Lgx-EO0M2tBbDHw08qNAIAoczeio6LRLH6iAr4W6qp1tvpGJQbLoLyHbvIs0iTSR1ybmPGZ3W4AQi9k7-3uVJvysk5zGVPrNY2SIpD_FSGDh-1t4xqalnBGhvIKbOv89FMv8bf3qj19JDVhq2yod2C5aGVtrkigPlbyFB1baNPaPqn1KAsI2M4IEJAPwvq2B2NN4Rut7iQTqXWcvFTaz8Rvp3U8MwpxS6E4IO9SfdSTdJZu_5FO9hZVMLqQgQC2Q2BE5hy_OjM5HNVk_mj61WJoyOgJ3D2CXy56kbxbBkBNRSrl-jDoeZysHbN_JPccd7AoTYrHsjyyBFOCVQSCn53WyuEamJgkzRhNzIcpD16voKekSwfVsqWzNZDBjkzlVB1aNmUnGxGATp0iNcfCe_xaw5Wu0H5kHmtJYd-_7Sv6IL0nlVEK5iI8HoqZXK7QKc0sYh2OfvfaeaIMIfIVBgUbXTue5vFa45bQCh-CrYKFYSsRVHHg03NLWs3481n3_IP0X5Nu-MlRGCD1Y0l-EiauluQ3gsv1RXAUaUaXKSRZwXlUrTD2DhYcdd7atn9cDr3lyB6Hiry6UOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://control.kt365.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FAB 0
20 B 74ms
59ms Ping
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4266765257278&version=m202309260101&ct=76&x=1&cor=11007670176126320000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4FAB 42 B
64 B 60ms
53ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUdWnV-HEczwe4kDOgDk13ZsRPcHKA9cX7tZQRmfTKxhP1XsFt-3U8M_cibX4erfVGO158u68as_9-Lu3PHcwzMK_Y7HLMVICQXERTyeWRQTnPs56dXW4QHxL8e-QJNO0HN-Lz61L9RNEg&sai=AMfl-YTtk811Om0u1Nkt9R_-beX8UbkJc6v-foLaWiAOi9zQQLbxWGY6g33N2XVN-Gr97UVWSglyWu3d-3rpX0Hwx_dNA3PX2Zsp3iUuw4QO6SCcgyFKPTWaWbs9-cF4MZu2o0hzk4cwjbxlcsZvBvJGYA3eZHGJhQXb-SLt&sig=Cg0ArKJSzAYvzUAiGg7TEAE&cid=CAQSTwDICaaNVovQdDCnqC7HMe5Pz_k_7Bkqh8nWztnmvcZe4yp5JlgZqHyFGmhbxLeQDLJOgW_rukCqcTw30UGyR0LrgwITC24XNv62eS01v6wYAQ&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701341477756&rpt=952&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FAB 43 B
215 B 79ms
76ms Image
image/gif 2600:1f13:800:7782:b16c:a2b7:3125:e914
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=3a56eb6a-9dcf-5017-40cc-bd124b76c942&tv=%7Bc:vpjX58,pingTime:1,time:3261,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:28%7D,%7Bw:160,h:600,t:1249%7D,%7Bpiv:100,vs:i,r:,t:2260%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2260,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2251~0,1~100%5D,as:%5B1240~0.0,1012~160.600%5D%7D%7D,%7Bsl:i,t:2260,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:86,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:30,sis:386%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b16c:a2b7:3125:e914 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:21 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FAB 43 B
215 B 82ms
79ms Image
image/gif 2600:1f13:800:7782:b16c:a2b7:3125:e914
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=3a56eb6a-9dcf-5017-40cc-bd124b76c942&tv=%7Bc:vpjX59,pingTime:1,time:3262,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:28%7D,%7Bw:160,h:600,t:1249%7D,%7Bpiv:100,vs:i,r:,t:2260%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:2260,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2251~0,1~100%5D,as:%5B1240~0.0,1012~160.600%5D%7D%7D,%7Bsl:i,t:2260,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:86,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:30,sis:386%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b16c:a2b7:3125:e914 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:21 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FAB 43 B
215 B 82ms
80ms Image
image/gif 2600:1f13:800:7782:b16c:a2b7:3125:e914
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=3a56eb6a-9dcf-5017-40cc-bd124b76c942&tv=%7Bc:vpjX59,pingTime:1,time:3262,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:28%7D,%7Bw:160,h:600,t:1249%7D,%7Bpiv:100,vs:i,r:,t:2260%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:2260,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2251~0,1~100%5D,as:%5B1240~0.0,1012~160.600%5D%7D%7D,%7Bsl:i,t:2260,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:86,fm:tX5Bst7+11%7C12%7C131%7C141%7C142%7C151*.1278205-67950628%7C1511%7C1611%7C1612%7C17%7C18,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:30,sis:386,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b16c:a2b7:3125:e914 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 10:51:21 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 20:54:53	Name: APC Value: AfxxVi6p_YnMAUL8UGKo-BeVco7KkczPPNnMFHup9ULwnJ2fXp71Lw
.kt365.vn/	1970-01-21 01:57:17	Name: __gads Value: ID=dcf519df6c0d4c78:T=1701341476:RT=1701341476:S=ALNI_MZSTC46rYF5yat7-Hutfpx_-1nECw
.kt365.vn/	1970-01-21 01:57:17	Name: __gpi Value: UID=00000da4c448ea4c:T=1701341476:RT=1701341476:S=ALNI_MZy1uERg4W0dbQqsRd2acQQL9e1oA
.doubleclick.net/	1970-01-21 02:11:41	Name: IDE Value: AHWqTUkGhAL61SNbh6d0AmxcsS_wG60n3DR06VkE0pBlsigMHo_8dVE96c6tbutMaYg
.casalemedia.com/	1970-01-20 18:45:17	Name: CMPS Value: 015
.adnxs.com/	1970-01-20 18:45:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>6fq1#y!]tbPl1M>e)ZlrFUfJ+tGXxpCC^!BpHK%u._!3mZ[I]<JDt0'#Oyxzj%[o_.3If)y3KL9D3I?+GvE+r0
.adnxs.com/	1970-01-20 18:45:17	Name: uuid2 Value: 2018592669445048887
.casalemedia.com/	1970-01-21 01:21:17	Name: CMID Value: ZWhpJsP0PA8r5JIttog3ZAAA
.casalemedia.com/	1970-01-20 18:45:17	Name: CMPRO Value: 1276
.demdex.net/	1970-01-20 20:54:53	Name: demdex Value: 17928427526878187983374294488968652414
.citizensbank.demdex.net/	1970-01-20 20:54:53	Name: citizensbank Value: 17928427526878187983374294488968652414
.doubleclick.net/	1970-01-20 16:35:45	Name: DSID Value: NO_DATA
.bluekai.com/	1970-01-20 20:54:53	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 20:54:53	Name: bkpa Value: KJyNpeWmQp91CKcE+YLRh6TXPaNbWjHR33DZMueidWOJHldVIT4PZQfKrEWXb2+vKIiZo5lyjq7KnTZVM7ru6HWh5Wyh72wMxKYj9nFUphyNUyAAa/RoXeI6dWGxVWiWxrz8qq3L2iN7M9iHFzz5kbzFPQ==
.bluekai.com/	1970-01-20 20:54:53	Name: bku Value: 3Y/O9YjoSsP8KIx2
.mediaplex.com/	1970-01-21 02:01:36	Name: svid Value: 452807331306131148

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bid.g.doubleclick.net
citizensbank.demdex.net
cm.g.doubleclick.net
control.kt365.vn
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
stags.bluekai.com
static.adsafeprotected.com
tpc.googlesyndication.com
tpt.mediaplex.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.250.65.230
142.251.35.162
172.253.115.155
23.46.225.71
2600:1f13:800:7782:b16c:a2b7:3125:e914
2600:9000:247b:f000:8:48e:53c0:93a1
2606:4700:3032::ac43:de84
2606:ae80:1451:17::1400
2607:f8b0:4006:80a::200a
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2006
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2004
3.223.113.34
34.209.39.106
68.67.161.208
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
060fb5543721dd6723e071e1362f80ffa5794febc2b22e2f17173b2f57a480fd
061791d7fd8609a008d4ec467f19df95c0218c5f45d0705831a35b45284abb6a
067d0bd30358c7a31e4f42ded3dfa16e316004889d0df81ce5288f36e52ade72
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
157086b9655d6809e72cc067c10c7fb66138b8f9d7db02cd5829a5b3dc0acc92
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
175356879114bd3464396771d33f244bdfc3fe4ffd6680af7b4d4cb2d86f1fd3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18574ce7dd02669054cf459a898c599338aa774efaf02f78c3945656061d88e3
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d814a8cd9d6ec963c583d47b78a8c8f4d8f822e4be049bffd0ab958d872cc3f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3d200a8e918bf01d0c1bfcf8ab4177c9117c5ddbe056f4d08e28aa19232f243e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bba439a4b241b97e3e36f5fe69a9d307efb97bf0df3cd7dd61afdb7bda848f9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
669524f975991f0f04e0d3dded5051a1281a6cffb65a3462ded865a5f6e280e5
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6edcc924fb428be26c118ae9f2f08b68397651652d528668a17f383e46f1c409
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
72f9b0822acbb0119028448e0341f30e5bd8c19700114ea13b6eb25d023a3699
7fc3631401161c70c325a4c94d97f6994e15817296c917d1a2e79f3b7682ab12
81b3585410702323b271c60fac814f9123f14b3d2ecf5d91dad7f0e3ec3b473b
88b9853e40b2d8fede5a06b5fc90fc7f89469582ddf9a97a06f343e3eaf90cd9
90fdf24a8611bb1b2413ec23cf0f18e79a82ac6e7ce3ceb599ba0774255b3066
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1aeb7efa3044f68632c9d05da48ee89b799045b16679abd8eace756b26b08bf
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
c22b28bf223946d1cdcf092a3398913d9ebe5146cd683e9627fca9195925fd8d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2
d727afa66e9eb3c25639a738ef78992e6606f9948fd67d6b5635e9e33ea684d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ab6cb464fc3b6b180f10e992d7ad6e7caafacb2d33d34061cd8ef208523bf7
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4785aa6c74ab83f176d55bed0b7e4ca4cb0354998cafe6f91ba96e48155c019
f79f497829714e4b042b006ce85a57cb8ad58dfbe322c70ba9359fe971fb373c
f8c380072c1943c5ae01267b8297fac71c34659f82b8743f4fa7704f141a5e72

control.kt365.vn Open in urlscan Pro 2606:4700:3032::ac43:de84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

91 %HTTPS

58 %IPv6

14 Domains

20 Subdomains

20 IPs

2 Countries

1462 kBTransfer

4186 kBSize

16 Cookies

1 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

control.kt365.vn Open in urlscan Pro
2606:4700:3032::ac43:de84 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

91 %
HTTPS

58 %
IPv6

14
Domains

20
Subdomains

20
IPs

2
Countries

1462 kB
Transfer

4186 kB
Size

16
Cookies

119 HTTP transactions
3 data transactions