dulichkhanhhoa.net Open in urlscan Pro
15.235.140.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy
Effective URL:
https://dulichkhanhhoa.net/
Submission: On October 24 via api (October 24th 2023, 10:20:32 pm UTC) from US — Scanned from SG

Summary HTTP 363 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 56 domains to perform 363 HTTP transactions. The main IP is 15.235.140.15, located in Singapore and belongs to OVH, FR. The main domain is dulichkhanhhoa.net.
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.

This is the only time dulichkhanhhoa.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	15.235.140.15 15.235.140.15	16276 (OVH) (OVH)
3	2404:6800:400... 2404:6800:4003:c05::61	15169 (GOOGLE) (GOOGLE)
58	2404:6800:400... 2404:6800:4003:c03::9c	15169 (GOOGLE) (GOOGLE)
13	2404:6800:400... 2404:6800:4003:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:825e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2404:6800:400... 2404:6800:4003:c04::65	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c1a::66	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:4003:c05::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1a::5e	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:150... 2400:52e0:1500::868:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2404:6800:400... 2404:6800:4003:c1c::9a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
13	2404:6800:400... 2404:6800:4003:c04::84	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
3	184.51.96.30 184.51.96.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.36.48.24 23.36.48.24	16625 (AKAMAI-AS) (AKAMAI-AS)
37	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4003:c00::68	15169 (GOOGLE) (GOOGLE)
2 6	23.36.252.26 23.36.252.26	16625 (AKAMAI-AS) (AKAMAI-AS)
25 73	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
8 20	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 13	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
36	2404:6800:400... 2404:6800:4003:c00::94	15169 (GOOGLE) (GOOGLE)
2	13.33.88.9 13.33.88.9	16509 (AMAZON-02) (AMAZON-02)
12	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
2 2	18.210.207.90 18.210.207.90	14618 (AMAZON-AES) (AMAZON-AES)
4 4	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
1 1	2406:da18:929... 2406:da18:929:5a03:8b8b:f38a:5939:37bc	16509 (AMAZON-02) (AMAZON-02)
3 3	35.75.99.130 35.75.99.130	16509 (AMAZON-02) (AMAZON-02)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 3	124.146.153.168 124.146.153.168	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2	124.146.153.152 124.146.153.152	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	207.65.33.83 207.65.33.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	35.213.109.249 35.213.109.249	15169 (GOOGLE) (GOOGLE)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2403:e800:e80... 2403:e800:e80b::2a63:8c9b	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
3 3	54.165.78.186 54.165.78.186	() ()
2 2	51.79.154.9 51.79.154.9	16276 (OVH) (OVH)
3 3	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:fa8:c411... 2a02:fa8:c411:12::1080	399104 (CNVR-APAC) (CNVR-APAC)
1 1	18.179.81.157 18.179.81.157	() ()
2 2	2600:9000:223... 2600:9000:223b:5e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.130.91 52.46.130.91	() ()
1 1	52.45.175.185 52.45.175.185	() ()
1 1	23.52.171.89 23.52.171.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2001:df2:a300... 2001:df2:a300:bbbb::135	() ()
1 1	35.230.38.116 35.230.38.116	() ()
1 1	18.176.234.133 18.176.234.133	16509 (AMAZON-02) (AMAZON-02)
4 4	50.31.142.255 50.31.142.255	() ()
1 1	35.214.160.161 35.214.160.161	() ()
5	2404:6800:400... 2404:6800:4003:c05::5e	15169 (GOOGLE) (GOOGLE)
1	38.133.127.159 38.133.127.159	() ()
3 3	188.42.105.236 188.42.105.236	() ()
17	2606:4700::68... 2606:4700::6811:c96e	() ()
363	40

24 15.235.140.15 (Singapore)

ASN16276 (OVH, FR)
PTR: vps-004b4c1e.vps.ovh.ca

dulichkhanhhoa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c05::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c06::9c (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:825e (United States)

ASN13335 (CLOUDFLARENET, US)

member.profitsfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4003:c04::65 (Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c1a::66 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4003:c05::9a (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c00::9c (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::5e (Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1500::868:1 (Singapore)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1c::9a (Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c04::84 (Singapore)

ASN15169 (GOOGLE, US)

b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c04::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.51.96.30 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-96-30.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.48.24 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c00::68 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.36.252.26 (Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 74.125.200.155 (United States) 25 redirects

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.27.193 (None, ) 8 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 103.43.90.21 (Singapore) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2404:6800:4003:c00::94 (Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-9.sin2.r.cloudfront.net

a.svtrd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.37 (Tokyo, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.210.207.90 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-207-90.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.213.12.39 (Tokyo, Japan) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a03:8b8b:f38a:5939:37bc (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.75.99.130 (Tokyo, Japan) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-99-130.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 124.146.153.168 (Japan) 2 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.153.152 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

gdn.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.33.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com

y.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Ulyanovsk, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2403:e800:e80b::2a63:8c9b (Hong Kong)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.165.78.186 (None, ) 3 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.154.9 (Singapore) 2 redirects

ASN16276 (OVH, FR)
PTR: ip9.ip-51-79-154.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.2.229 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:c411:12::1080 (Amsterdam, Netherlands) 2 redirects

ASN399104 (CNVR-APAC, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.81.157 (None, ) 1 redirects

ASN- ()

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223b:5e00:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (None, ) 1 redirects

ASN- ()

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.171.89 (Singapore) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-171-89.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::135 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.230.38.116 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.234.133 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.31.142.255 (None, ) 4 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.160.161 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c05::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.133.127.159 (None, )

ASN- ()

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.236 (None, ) 3 redirects

ASN- ()

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6811:c96e (None, )

ASN- ()

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
109	doubleclick.net 25 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	503 KB
103	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	789 KB
36	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	2 MB
25	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 analytics.google.com — Cisco Umbrella Rank: 178 www.google.com — Cisco Umbrella Rank: 2	115 KB
24	dulichkhanhhoa.net dulichkhanhhoa.net	866 KB
20	casalemedia.com 8 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	14 KB
17	bannerflow.net c.bannerflow.net	142 KB
13	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	10 KB
10	media.net 2 redirects contextual.media.net — Cisco Umbrella Rank: 780 warp.media.net — Cisco Umbrella Rank: 2913 lg3.media.net — Cisco Umbrella Rank: 7536 hblg.media.net — Cisco Umbrella Rank: 2435 cs.media.net — Cisco Umbrella Rank: 1684	102 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	412 KB
5	ampproject.org cdn.ampproject.org	104 KB
5	gstatic.com fonts.gstatic.com	96 KB
5	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 1247 gdn.socdm.com — Cisco Umbrella Rank: 90466	5 KB
4	zemanta.com 4 redirects b1sync.zemanta.com	3 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 387	3 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com	1 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 434	2 KB
3	stackadapt.com 3 redirects sync.srv.stackadapt.com	3 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5362	996 B
3	impact-ad.jp y.one.impact-ad.jp — Cisco Umbrella Rank: 5751	654 B
3	uncn.jp 3 redirects ds.uncn.jp — Cisco Umbrella Rank: 25694	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	244 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 893	912 B
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	881 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 913	823 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 409	973 B
2	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 8350	466 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 967	1 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 912	743 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 402	919 B
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2841	961 B
2	fksnk.com 2 redirects fksnk.com — Cisco Umbrella Rank: 5702	1 KB
2	svtrd.com a.svtrd.com — Cisco Umbrella Rank: 54782	3 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13957	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
1	outbrain.com sync.outbrain.com	287 B
1	loopme.me 1 redirects csync.loopme.me	457 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 85780	736 B
1	simpli.fi 1 redirects um.simpli.fi	755 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2907	1 KB
1	bluevoox.com 1 redirects im.bluevoox.com	516 B
1	admeme.net 1 redirects v9999.adv.admeme.net	302 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1858	48 KB
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 5360	134 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	581 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1030	492 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	746 B
1	fout.jp 1 redirects sync.fout.jp — Cisco Umbrella Rank: 48486	704 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416	699 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	76 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	611 B
1	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12369	408 B
1	profitsfly.com member.profitsfly.com	1015 B
363	56

	Domain	Requested by
73	cm.g.doubleclick.net	25 redirects googleads.g.doubleclick.net b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com dulichkhanhhoa.net
58	pagead2.googlesyndication.com	dulichkhanhhoa.net pagead2.googlesyndication.com b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
37	tpc.googlesyndication.com	dulichkhanhhoa.net b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net cdn.ampproject.org pagead2.googlesyndication.com
36	s0.2mdn.net	dulichkhanhhoa.net s0.2mdn.net b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
24	dulichkhanhhoa.net	dulichkhanhhoa.net
20	dsum-sec.casalemedia.com	8 redirects googleads.g.doubleclick.net
17	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
15	fundingchoicesmessages.google.com	dulichkhanhhoa.net securepubads.g.doubleclick.net
13	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
13	securepubads.g.doubleclick.net	dulichkhanhhoa.net securepubads.g.doubleclick.net
12	googleads4.g.doubleclick.net	dulichkhanhhoa.net
9	www.google.com	dulichkhanhhoa.net b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
8	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	dulichkhanhhoa.net b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	b1sync.zemanta.com	4 redirects
4	x.bidswitch.net	4 redirects
3	sync.gonet-ads.com	3 redirects
3	eb2.3lift.com	3 redirects
3	sync.srv.stackadapt.com	3 redirects
3	an.yandex.ru	2 redirects dulichkhanhhoa.net
3	y.one.impact-ad.jp	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
3	tg.socdm.com	2 redirects b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
3	ds.uncn.jp	3 redirects
3	cs.media.net	2 redirects contextual.media.net
3	contextual.media.net	dulichkhanhhoa.net contextual.media.net b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
3	fonts.googleapis.com	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
3	www.googletagmanager.com	dulichkhanhhoa.net www.googletagmanager.com
2	s.amazon-adsystem.com	1 redirects dulichkhanhhoa.net
2	s.ad.smaato.net	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	onetag-sys.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	dsp.adkernel.com	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	gdn.socdm.com	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com dulichkhanhhoa.net
2	match.adsrvr.org	2 redirects
2	a.sportradarserving.com	2 redirects
2	fksnk.com	2 redirects
2	a.svtrd.com	s0.2mdn.net
2	lg3.media.net	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com contextual.media.net
2	images.dmca.com	dulichkhanhhoa.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	sync.outbrain.com	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
1	csync.loopme.me	1 redirects
1	cs.r-ad.ne.jp	1 redirects
1	um.simpli.fi	1 redirects
1	r.turn.com	dulichkhanhhoa.net
1	ad.turn.com	1 redirects
1	analytics.pangle-ads.com	1 redirects
1	im.bluevoox.com	1 redirects
1	v9999.adv.admeme.net	1 redirects
1	code.createjs.com	s0.2mdn.net
1	cs.chocolateplatform.com	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	trace.mediago.io	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.fout.jp	1 redirects
1	px.ads.linkedin.com	1 redirects
1	hblg.media.net	b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
1	warp.media.net	dulichkhanhhoa.net
1	cdn.jsdelivr.net	dulichkhanhhoa.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.com.sg	dulichkhanhhoa.net
1	analytics.google.com	www.googletagmanager.com
1	member.profitsfly.com	dulichkhanhhoa.net
363	70

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.pinterest.com
www.youtube.com
www.dmca.com

Subject Issuer	Validity	Valid
dulichkhanhhoa.net R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
images.dmca.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
a.svtrd.com Amazon RSA 2048 M03	`2023-09-23` - `2024-10-21`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
y.one.impact-ad.jp Sectigo RSA Domain Validation Secure Server CA	`2023-03-14` - `2024-03-14`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 43 frames:

Primary Page: https://dulichkhanhhoa.net/
Frame ID: BFC73BCEE7092975CEE09E12BC57B59A
Requests: 85 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/zrt_lookup.html
Frame ID: D70BC8133CE56CF04892B23C4A56644D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6243045912649773&output=html&adk=1812271804&adf=3025194257&lmt=1698157221&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698186020997&bpp=7&bdt=176&idt=295&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4150220769492&frm=20&pv=2&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C31079080%2C44798934%2C44801484%2C44805112%2C44805534%2C44805932%2C44806738%2C31078297&oid=2&pvsid=3885881968441235&tmod=331706298&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=346
Frame ID: C590DB435E3EEA94B7C39D66BAB4AFF0
Requests: 1 HTTP requests in this frame

Frame: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 060B55C42069EEFA3A40DBA10B3BAD5C
Requests: 1 HTTP requests in this frame

Frame: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A8D92134F3696B1AC0A2892ACEEE5A2
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUL26IV2&ydspr=1
Frame ID: 7005D41C3548D0C67DA8CCCA672010A7
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2881&&kkdd=*W%7CH%7Cn9*A&VG=Zqz.Z.qA9Z6z9Ozb..6&Mt4f=A&Fg4H=A&ktV=ZAz.&)gk(=Q9zq&kGt=.i5Q9qRC9&k4kt=Aq26zrjG*m7RU*Z8OcLdFl%3D%3D&kfGt=q6ddZO6Ab&gGP(=O9Ao6.A&kk=J*&kaUF=ul7nKB0&4Gt=.XKmqh.C6&)4Gt=YZ~Oqq.&a))4g=Z&fff=)P7DaQk!DQ.fnq49uxQ7U-Lj1zbbiQxD2c51bdi_a*~%3D&_8fT=a))4g%3A%2F%2FtE!Gka_aHUaarHpU()&(_8fT=8bb~2%3AJJKoI.B858ZP88FZpPmb&Ug(=d&!8=Z&EMt=6&Ht)Z=.i5667ObK&Ht)9=bObZ6..qb&1tH)H=y1o3!(U%3DZ969y1a4%3DAy1Gt%3DApA9Ay1o3HUk(g)rf%3DODOSdDOSZ.DOS9ADOy1o3HgU%3DAy1o3(o4%3DAy1o3MGUgE%3DAy1o3GU)Ft%3DAy1o3fa%3D6bc~24I.uWy1o3f4k%3DAAZAAAZy1o3gGP(%3DO9Ao6.Ay1o3)FHo%3D9dAy1o3)F!3gETTGo%3D%2FykG)L%3DJRB*lXK7~yk_3T!%3D9ytk%3DMk4DH4HkDg(ZD1ytFF3tZ%3DAytFF3tZA%3DAytFF3tZ9%3DOytFF3tZ6%3DAytFF3tZd%3DZytFF3tZq%3DOytFF3tZb%3DZytFF3tZ.%3DZdytFF3tZz%3DZAAAytFF3t9%3DYytFF3t9Z%3DDZytFF3t99%3DApAOytFF3t96%3DdytFF3t9d%3Dt(T3t(TytFF3t9.%3DdytFF3t9z%3DApAAytFF3tO%3DAytFF3tOA%3DAytFF3tO9%3DZytFF3tOO%3DAytFF3tOq%3DBlytFF3tOb%3DYytFF3t6%3DZAytFF3t6A%3DAytFF3t69%3DAytFF3t6O%3DAytFF3t66%3D4frtytFF3t6d%3DAytFF3t6q%3D7ytFF3tdZ%3DAytFF3td9%3DApAAytFF3tdq%3DAytFF3tb%3DAytFF3t.%3DAytFF3!%3DApA6AytFF3FZ%3DApA6qytFF3FZA%3DZpAAAytFF3FZZ%3DZpAAAytFF3FZ9%3DApdO9ytFF3FZO%3DZpAAAytFF3FZ6%3DZpAAAytFF3FZd%3DApzzbytFF3FZq%3DApZZbytFF3F9%3DApAbdytFF3F9Z%3DZpAAAytFF3F9O%3DZpAAAytFF3F96%3DZpdzOytFF3F9d%3DZpAAAytFF3F9z%3DZpAAAytFF3FO%3DZpAAAytFF3FOA%3DZpAAAytFF3FO9%3DApAZAytFF3FO6%3DZpAAAytFF3FOd%3D9pAAAytFF3FOq%3D9pAAAytFF3FOz%3D6pAAAytFF3F6A%3D6pAAAytFF3Fd%3DZpAAAytFF3FdZ%3D9pAAAytFF3Fd9%3DAp9AAytFF3FdO%3DApdAAytFF3Fd6%3DdpAAAytFF3Fdd%3DApdAAytFF3Fdb%3DZpAAAytFF3Fdz%3DZpAAAytFF3Fq%3DZpAAAytFF3Fb%3DApOO6ytFF3FbO%3D9pAAAytFF3Fb6%3D9pAAAytFF3Fz%3DZpAAAytFF3f%3DApZZby(3f4F%3DApA6qy(f4F%3DApA6qyak%3DA%20%2B%20AyGaH%3DAyG)L4(%3Dlceyf3kk%3DJ*yf3G4%3D9AAZDAtTZDA.AADAAAADAAAADAAAADAAAADAAAAyf3gk%3DAZyf1r%3Dd3Oyf(T3kU)%3DAyg(!!(f3)HM3Gt%3DZdZ.Ad..Obyg)t%3DZdZ.Ad..ObyV1f%3DAyk1t4%3DApAZZygt%3DZyG)L4(3Gt%3DZbyg(!!(f3)HM3Gt%3DZdZ.Ad..ObygE44!L3)HM3Gt%3Dyt()(k)(t3)HM3Gt%3DyVG(8H1G!G)L%3DAp9y4rg%3DZyHk3)L4(%3DZyHt1!_%3DZdZ.Ad..ObyHF4%3DZyrM1Gt%3DApA9Ay1T!f%3DApAZAygEGt%3Dil~J~KP7s(*.~*YR)g7tU(Q1J)0yt)k%3DH4Hk3gMytFF3(f4F%3DTH!g(ytFF%3DaHfFrULy1t4kH4t%3DAytH!M%3Dt(THE!)yGUg!%3DZygr14%3DyoGt%3DlceD4E1D6.z6b9dbzzAA9qq6ya)F!%3DZytkE)%3D6dytrM1%3DADZy(k43Eg(t%3D1(!r83sdAy(k4349d%3DAy(k434dA%3DAp9O9A9y(k434qA%3DAy(k434bA%3DAy(k434bd%3DAp6AqAZy(k434.A%3DAy(k434.d%3DAy(k434zA%3DAy(k434zd%3DAy(k434zz%3DAyG1k%3DZy&U)V=A&G8=A&GURTf=Z&1tfRt=OZz&1Gt=O6b66A&_))!(=JHT(-fHF(%20irU)HGU(f&FkT=qd9ZO&Ltg4f=Z&1H(=W6HsWs66MW&_H)4f(=Z&_H)1Gt=DZAO&kHtrFHGU=)P7DaQk!DQDuJaB69DEETkVJ~b8k)_nqEqV240O_ozOci*FJmJh0h8%3D%3D&L4!4=Z&GgGt=Z&HtV=ltVHUk(%20JGF4!(&4MGt=4AZdZ6Zzq6dO)9A9OZA96999A&gg!t=%7B%22ggG4%22%3A%229AAZ%3AAtTZ%3AA.AA%3AAAAA%3AAAAA%3AAAAA%3AAAAA%3AAAAA%22%2C%22ggkk%22%3A%22J*%22%2C%22gggk%22%3A%22AZ%22%2C%22ggk)L%22%3A%22gGUMH4rf(%22%7D&a)F!gfk=Z&)kT3kF4=Z&ure=1
Frame ID: BC46224572B5E86AC0766CD3640972FB
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU44R37O&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 512ACF3CD8D3DB18FC67016E2E1F9C6E
Requests: 2 HTTP requests in this frame

Frame: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 30DFAE2302166CCE0DBCE3EC41BD1EE1
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjOnanyATAB&v=APEucNWxv836cb-apR6ehNzvn8WG5ZJFYf153mhXxc4zPpoYS3Cb-Lc6JW4noqbBVYhMBl4mTqlG31gtVXSc9ng8U6DJYGggay-_VdCI84m-J-6l7QrdChs
Frame ID: EE8743D857DB095D4ED16E6BC4EC0176
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2664C425C509FB407E76127FC76A711B
Requests: 9 HTTP requests in this frame

Frame: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 115CBF8FBF6ABFCF973B6ED9A5B84B2C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5C352BCDC9DB7075C1EEE92931D672F3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
Frame ID: 7602BA2C9E7A4560360117F63077E078
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCvmuzJBBjdw4j7ATAB&v=APEucNX57RV1lcbKEi3cmw32Dargpzqx3Wmm6jeFiiOqqjGpnZPFPCh6g2Esj3qXKgd_C1BHW_Lr98fw9Pf_FP3TGoIcgxJWzpQO-5YBLApnAHPCuibeTSU
Frame ID: 0D875B787CFD2A7A38C991657F83C585
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0C9610D221DED71C059D7B21A3482E75
Requests: 9 HTTP requests in this frame

Frame: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0925B96A72F236EF6BA678D305A4E5AF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNEDENWYWRitzcT1ATAB&v=APEucNU8R_qNbPSdfrWwSU3L5Z-Of61L1mMkyyX09x7G157WYdDdc9N-db2QH6tl1UP7Yzs2JQ3H8AYf9S0dX0hrNETcVqIAjkWmU3QXFfLdR9jTSkvPTNY
Frame ID: 4013D2716ACE83D411AE1B33ADE2C459
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 43E00666AD7D6ABFEFD9F169A160C09C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 206BBC4ABC1242F3F37D0D6E136019F0
Requests: 3 HTTP requests in this frame

Frame: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 120C6A09EB08A35281283775ECBBE122
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EDBC54D51C28C800087ECA1EF79A4180
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.html?ev=01_250
Frame ID: 475D9E1CCE8B4193C88F99A9DDA75132
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGIvPsaABMAE&v=APEucNVQvgjmEYNNbNL4rP0r-XTZVpDCAaMtAegg412CljP-dUEb7K5GQ03Mv-IoZXELV4fibBk0HWgyyuMpLbFU8gVHXHzcn9B7RLsewatB3r128aEbo9s
Frame ID: 808F5949A1B4E8B73085397D0794ECA8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E86A8B9FF9B9F464386CC513C08633A6
Requests: 9 HTTP requests in this frame

Frame: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EF13190476B67D04690A2F892C0BDA08
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 18F9E40D62DC93FFE7C3584E9C0123C3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiOkqQDEL3b0qQDGK6k5fQBMAE&v=APEucNWBP-DQ9APAkr2UwirfRdujBI_fmCUiswLTO20kYbQ398cTGxAiljQbXRJit-NrFH97k5AvXREp-0L_v6iUAmIiL12LGBPyXqqvkR1aEfuSUbaX3Ok
Frame ID: 5ABCCEAFDC575C5788026289BB0C62C9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63B0BAF3A53A0572AE3A13FBBF121E16
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Frame ID: FCE86D92C1EB7A011C30B80DB8DC2350
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250
Frame ID: 9C2C70F0DA9215F617A58FB0D4EAC90E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 766BCA93EEBD91F6EAF82139917B7A11
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C1A9ACC1776F5434F941C6236C1F12F3
Requests: 3 HTTP requests in this frame

Frame: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7CAC241F1CC5047E09B15AF2342537E0
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7383965533667852288/POSSGMaster-English-300x250-638284397881390605-d2b25437-763d-4571-a986-686da95a5d19.html?ev=01_250
Frame ID: E2D9736ED95432B0E267A9AAE99B5BD7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjV94P6ATAB&v=APEucNWK5Z93VxsyY3EabbhvZYu7__IvKqWGjZ5o-qrMmxLn5tyCIkgs7mjhptrJbaGbyTV_YDna9zjcG3awtJHgqlEdXO_5pR1JvW6N7vdIAP-mGpdIMb8
Frame ID: 54D98572532B4FD52ADE46227564E8D3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5DD999779D80E54D2C5B832719C70C37
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310161805000/amp4ads-v0.mjs
Frame ID: 2D3406F42D44E7C952F3E662A9E6530E
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B3DE9E7EB3B092775EE9D194D201E458
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EB42858028216E4392EA13222FE44DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 938F90D7A944CD8FB38868A93CFA2E2F
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/b5ec1667-6147-4a66-896c-0d75737e23e7
Frame ID: 3A5647FA4980061F0EDEBA3BE8DD6D01
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/a0874122-b553-4f48-899e-38528c15fbcd.svg
Frame ID: 8C8F3BD415EA7C3BA6029C457A664F55
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Đại Lý Cho Thuê Xe, Bán Tour Du Lịch TBTTravel Nha Trang

Page URL History Show full URLs

https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy Page URL
https://dulichkhanhhoa.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

363
Requests

81 %
HTTPS

42 %
IPv6

56
Domains

70
Subdomains

40
IPs

7
Countries

5156 kB
Transfer

11274 kB
Size

49
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/dulichkhanhhoa.net
Title: Dulichkhanhhoa.net

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dulichkhanhhoa/

Search URL Search Domain Scan URL

URL: https://twitter.com/dulichkhanhhoa

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/dulichkhanhhoa/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCU_Bwr_bZH_pMeZnKSKlKsg

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=0d7ca897-1377-4984-a61c-2466f50f335b&refurl=https://dulichkhanhhoa.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy Page URL
https://dulichkhanhhoa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQxMTg3NjIyODA5NDI4NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESED4JeVrmOXHieL-1ntHbrs0&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1&gdpr=0&C=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJhxz-VG8T782zZgTtQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEERz4yFfGlJgro727dbK6n8&google_cver=1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Request Chain 114

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELtso6AJlPYROoiLWT0uiEs&google_cver=1&google_push=AXcoOmTphazwkOP7QtXmvMOjZA3NZHLQMCFFCPVBkl_pRHaxlUGZ_BC6MGwxBlNMEGLBx2zVQA_1XX875ClJPCheVtSBvyGy-UTUS1vXds2tabV9zMwrlzR3wzemsZMV2IzdOruyZ7dwWgo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTphazwkOP7QtXmvMOjZA3NZHLQMCFFCPVBkl_pRHaxlUGZ_BC6MGwxBlNMEGLBx2zVQA_1XX875ClJPCheVtSBvyGy-UTUS1vXds2tabV9zMwrlzR3wzemsZMV2IzdOruyZ7dwWgo

Request Chain 115

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESENRm2jDcCQ8zBmp5kD-a99c&google_cver=1&google_push=AXcoOmS7bql84x0AOA7aeRbaeOAeBXQe_1edeVSTenekH69estxgXzwtm6WLMg7-5SgBKg4ZhqCp4e4yP0DdzzchrlZ8YF5Epnkdtq3yqZ8yLsJoXYskflQ627vab2DWvYuIYMR-phWE3Hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmS7bql84x0AOA7aeRbaeOAeBXQe_1edeVSTenekH69estxgXzwtm6WLMg7-5SgBKg4ZhqCp4e4yP0DdzzchrlZ8YF5Epnkdtq3yqZ8yLsJoXYskflQ627vab2DWvYuIYMR-phWE3Hw&google_hm=R1p3Y3pNV1dfRXQ0Q2NIOS1uemlfaUlIcV9N&from_google=pc1

Request Chain 116

https://fksnk.com/cs/google?google_gid=CAESELmexr9vsBKnGQ7xd8EsTRo&google_cver=1&google_push=AXcoOmT081qxM3s3vUV_YAx39Y8x5BbgWe_Eu2xe7eUG8shg1Re7Ta7p22ZGjCvs3xHa0QxCotePU7LA4VcRaRSuzJwOmoBUbTZ-vgpb22Fe2mVK1MYwIQZnZ2lL0mzvaPoHWiciJotpPNc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzkxQTY0RjMyODdBOEE5RQ==

Request Chain 117

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN7lqAduUfehml2VqybwqIo&google_cver=1&google_push=AXcoOmQt5bX0CY8AafIcANlrGghDhi710HhHLoyZvbjDPHD7MCNVRjL6U3bSnj0gyKXVdIfCNP17vq1rpeZJTUZDrcRNx335snSfYEXnVTozjstcfa6PsTUj3h9SfiN-EhoN8VmzxlDXxA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN7lqAduUfehml2VqybwqIo&google_cver=1&google_push=AXcoOmQt5bX0CY8AafIcANlrGghDhi710HhHLoyZvbjDPHD7MCNVRjL6U3bSnj0gyKXVdIfCNP17vq1rpeZJTUZDrcRNx335snSfYEXnVTozjstcfa6PsTUj3h9SfiN-EhoN8VmzxlDXxA HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ca6664cd-d4c8-455b-a1f7-3564e6b6f252&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQt5bX0CY8AafIcANlrGghDhi710HhHLoyZvbjDPHD7MCNVRjL6U3bSnj0gyKXVdIfCNP17vq1rpeZJTUZDrcRNx335snSfYEXnVTozjstcfa6PsTUj3h9SfiN-EhoN8VmzxlDXxA&google_hm=9-fQDC-yQ66IQYDLlAclBg==

Request Chain 118

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF4ST3lc0SSkZT9gtzup3wE&google_cver=1&google_push=AXcoOmR0LcfAugTbVLMzVCVq76tGfNul67MGd2dNsTfB-1jTzXBpY0elOEWbpy3rz8Kie2pOh9EWQVnua9eqVskHGe0nwaqlTyfCzTb5LnPj_CldkG0f-a_msPiHgpMsUHB06tinXkPiXBo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR0LcfAugTbVLMzVCVq76tGfNul67MGd2dNsTfB-1jTzXBpY0elOEWbpy3rz8Kie2pOh9EWQVnua9eqVskHGe0nwaqlTyfCzTb5LnPj_CldkG0f-a_msPiHgpMsUHB06tinXkPiXBo&google_hm=eS1SYlJ3TFdORTJwSHVKX3ZuOWVJTGQxcV9TTldwb0RxNH5B

Request Chain 119

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESENd5To-aG8pns8mZrogVLSg&google_cver=1&google_push=AXcoOmTT9hbROUMimEdzJ1p1dduUJcZlCrRanQostb0yWeLaUgFfaptrjevPJ0bJAQaG0Rw9GoU97gO8KAYY5ReJTiIsDq3vWl6Hq8SXI6BjtiBhEMOflTHPcPXsyIEcKhq7eZfydWlAPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTT9hbROUMimEdzJ1p1dduUJcZlCrRanQostb0yWeLaUgFfaptrjevPJ0bJAQaG0Rw9GoU97gO8KAYY5ReJTiIsDq3vWl6Hq8SXI6BjtiBhEMOflTHPcPXsyIEcKhq7eZfydWlAPg&google_hm=AWaF1mJZxUlkqd8oZRCN54I

Request Chain 120

https://cs.media.net/cksync?type=g&google_gid=CAESED4JeVrmOXHieL-1ntHbrs0&google_cver=1&google_push=AXcoOmRexuP2Bqt3bDvapAYVYOu2Oa2nRP6IdOVVptZ0V0zDJKcgerhvwUS9CAo7dPsT17YBnY48E4iqZhAMHWFGR1-2fBqLIDn6gb_E8rcnAhaTC7e8Nru2RHJPj06JCwwcIRZkNVdj2SI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&mn_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRexuP2Bqt3bDvapAYVYOu2Oa2nRP6IdOVVptZ0V0zDJKcgerhvwUS9CAo7dPsT17YBnY48E4iqZhAMHWFGR1-2fBqLIDn6gb_E8rcnAhaTC7e8Nru2RHJPj06JCwwcIRZkNVdj2SI&gdpr=&gdpr_consent=

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEItByBEJwVXdFck5QhZ9S2A&google_cver=1&gdpr=0

Request Chain 144

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEItByBEJwVXdFck5QhZ9S2A&google_cver=1&google_hm=2

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENLnYiQDaVXg2eG7LzJvFuk&google_cver=1

Request Chain 146

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Request Chain 151

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMZ8bUQdokfd_SYiZax0fwE&google_cver=1&google_push=AXcoOmTRa12axVUJHsGauMPhj59EKTi0jPeHoaVTfvYhhhtrm19HmTMWvHB9bzzb_vp-Rrhhm2qhYY0YZsQiJu1Ec7KqSv7b9u4S9fvLDJS1s1mMRqVUwOkZiHtK8FIqwmfiodvBH209jv9TVP5SucqAGSU HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEMZ8bUQdokfd_SYiZax0fwE&google_cver=1&google_push=AXcoOmTRa12axVUJHsGauMPhj59EKTi0jPeHoaVTfvYhhhtrm19HmTMWvHB9bzzb_vp-Rrhhm2qhYY0YZsQiJu1Ec7KqSv7b9u4S9fvLDJS1s1mMRqVUwOkZiHtK8FIqwmfiodvBH209jv9TVP5SucqAGSU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTBiZGM0ZjgtODljYS00YjkyLWJlNWQtZjE0OThjZDhlNDFj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a0bdc4f8-89ca-4b92-be5d-f1498cd8e41c

Request Chain 152

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESENEFH15aW_FhSXxxuOBvT18&google_cver=1&google_push=AXcoOmTOEvNmHv9ygddeqs9c91XmhxWBdpKTK6wO6Ww4qchmPstLH3kcuIIjal0EjghgCJodpgbYQZGf5NARsfgCFScAlnd_6-lUzNw78Z9ejDZpCspTXtmYW2MVLJPp7avj_H4hopR1IGare_SPL2hLy-I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlRoREpzQ284WUVBQUkzVFgzTUFBQUFB HTTP 302
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDu0EshvjLGy52d0miRtSkk&google_cver=1

Request Chain 153

https://fksnk.com/cs/google?google_gid=CAESEP-fmw483t1fPMGAbXfRLJM&google_cver=1&google_push=AXcoOmTI_fZaufiDXFtZU_ABXQZzAQ2SiGmhSuul0iBmLnwvYOE7BQb6DqDp7oKrSm7oqqWkUpR8N7CPFMg5yYKgfnq7vTzBcKObhIl1xEfcvhjF8h8dDJh_1LCZ2sVJcfjQIuLbVZhKHOyiyR9fg2cvoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTIzMEU4NUNCOUMyMEM2NQ==

Request Chain 154

https://rtb.openx.net/sync/dds?google_gid=CAESEAwcVYdBK0UtgvpyEq5R7CI&google_cver=1&google_push=AXcoOmSjDDxKuGLPkeyycDg_O-AilH4JEVevqZhgDPVYkCHjmdlFs8AZft1EE3Zuh8Ivp1HuSdRWTFFflWBLk3CBp_1RXh2TwC23ndxY1mavuiQMoyU_POiO2wIIqc-8p12aVaMbGkkjrK5HFmUzxnDIsdI HTTP 302
https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEAwcVYdBK0UtgvpyEq5R7CI&google_push=AXcoOmSjDDxKuGLPkeyycDg_O-AilH4JEVevqZhgDPVYkCHjmdlFs8AZft1EE3Zuh8Ivp1HuSdRWTFFflWBLk3CBp_1RXh2TwC23ndxY1mavuiQMoyU_POiO2wIIqc-8p12aVaMbGkkjrK5HFmUzxnDIsdI&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSjDDxKuGLPkeyycDg_O-AilH4JEVevqZhgDPVYkCHjmdlFs8AZft1EE3Zuh8Ivp1HuSdRWTFFflWBLk3CBp_1RXh2TwC23ndxY1mavuiQMoyU_POiO2wIIqc-8p12aVaMbGkkjrK5HFmUzxnDIsdI&google_hm=ByrsqJKnxD8YFzxf3231ow==

Request Chain 155

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPV25Ou-sIN4O2sHglZ2i5s&google_cver=1&google_push=AXcoOmRlNcpS9BGk7zOvY64XjUGR9jXMy3m_End2hURh2t1N2oHK3stELN1ICI473_aump9wrUpGiavpTbzcSLSPUD4AId3KpBDX3ajnBLFzB5THtYtXKf2eX-8Gd18GmGoGVrN3EtGQBx28L62fgcS5CDM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPV25Ou-sIN4O2sHglZ2i5s&google_cver=1&google_push=AXcoOmRlNcpS9BGk7zOvY64XjUGR9jXMy3m_End2hURh2t1N2oHK3stELN1ICI473_aump9wrUpGiavpTbzcSLSPUD4AId3KpBDX3ajnBLFzB5THtYtXKf2eX-8Gd18GmGoGVrN3EtGQBx28L62fgcS5CDM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZlaBMfJVTqCWrfhec08pAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRlNcpS9BGk7zOvY64XjUGR9jXMy3m_End2hURh2t1N2oHK3stELN1ICI473_aump9wrUpGiavpTbzcSLSPUD4AId3KpBDX3ajnBLFzB5THtYtXKf2eX-8Gd18GmGoGVrN3EtGQBx28L62fgcS5CDM

Request Chain 157

https://trace.mediago.io/cs/google?google_gid=CAESEGhNoavvoMinWq-NPYRA-FI&google_cver=1&google_push=AXcoOmRSf2knz1Tj1dCoAk7R544PPpY-OKZ9rcOp7Gntixpa7gn7B1yt8mC7AHz6Pnp-e54f9MEueAgTBWpzbSbm-NbomguxuiyYzgjTR9PIbkBf5ol4J3Dp5H4IsuFOaDpaaWIXPBp3kfsucM6K74Sbx_tg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRSf2knz1Tj1dCoAk7R544PPpY-OKZ9rcOp7Gntixpa7gn7B1yt8mC7AHz6Pnp-e54f9MEueAgTBWpzbSbm-NbomguxuiyYzgjTR9PIbkBf5ol4J3Dp5H4IsuFOaDpaaWIXPBp3kfsucM6K74Sbx_tg&google_hm=afe098ab4582d7561i7aaz00lo4w41lh

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7JmgBht0BuZlfARuATsKY&google_cver=1&gdpr=0

Request Chain 175

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7JmgBht0BuZlfARuATsKY&google_cver=1&google_hm=2

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEG6Q4rYajVhr1KoKl_WBxCw&google_cver=1

Request Chain 177

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOGy_N3CTlhtnBbAe_i7oYY&google_cver=1&google_push=AXcoOmRyJ93D4ODTKfcGlebNUjKyLT71_Tfwqm_PRCuLlUiwCLhuODNwbRlNYQHfU9_Gij9HTYFYb5YcINW-88NtAvRu2dQZNMWwErA7raTtRdh_jkAKSUm_R6ftf31HZNxX1by3i4D7TsLHHTeH6OKLRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOGy_N3CTlhtnBbAe_i7oYY&google_push=AXcoOmRyJ93D4ODTKfcGlebNUjKyLT71_Tfwqm_PRCuLlUiwCLhuODNwbRlNYQHfU9_Gij9HTYFYb5YcINW-88NtAvRu2dQZNMWwErA7raTtRdh_jkAKSUm_R6ftf31HZNxX1by3i4D7TsLHHTeH6OKLRA

Request Chain 185

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK3-rjed86Em_LugLpvXHF0&google_cver=1&google_push=AXcoOmTLzh1A8qPV9Xm0G4Bg5vHXWBxsdhxrHjfjUyuWiKIzf7f2u7qO_HI7r86MjMHS_Y6T5dlTsjZw6BLauLeFAXn8U9OBJTzZiHRyWHKF7YGN3Ryq85iGjqTzuC1fXq2xaDC6n2hbl6So53Qd5BigRf0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80VzQxRkUtMUQtQjlKVQ==&google_push=AXcoOmTLzh1A8qPV9Xm0G4Bg5vHXWBxsdhxrHjfjUyuWiKIzf7f2u7qO_HI7r86MjMHS_Y6T5dlTsjZw6BLauLeFAXn8U9OBJTzZiHRyWHKF7YGN3Ryq85iGjqTzuC1fXq2xaDC6n2hbl6So53Qd5BigRf0

Request Chain 186

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEBY9mF4pxPG9CD-GKnq2ldg&google_cver=1&google_push=AXcoOmTboAKKiBn3qRaiuyG3PXwIiDnF48MERkHWB3XHYF4GazY0Sqh0PzJVwL2fK-8ARvLoHGbgM0IzAl_XHEXVyHigVsa4dKZudbIL3mJJ-LOnn-z7n7hKSArZBW79-26xKJEVgjd-ekwcrTCoAV2pibM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTboAKKiBn3qRaiuyG3PXwIiDnF48MERkHWB3XHYF4GazY0Sqh0PzJVwL2fK-8ARvLoHGbgM0IzAl_XHEXVyHigVsa4dKZudbIL3mJJ-LOnn-z7n7hKSArZBW79-26xKJEVgjd-ekwcrTCoAV2pibM&google_hm=AWaF1mJZxUlkqd8oZRCN54I

Request Chain 189

https://an.yandex.ru/mapuid/google/CAESEDfmFDQ7bPn3dGGcU0gwL48?ext-param=AXcoOmQTfCQqYu2luaKFTQjHILKkkYlnSS1oMTS9ZXSs0Noa9g9torud-s1wfz6bvcTdU6_1lHBdpUjCdccTu2r-MY3WunAEZidVD0UxIgodoVypXs8JqVeyL0PDUA6nKdtJ1KZkHxtz7iQ-qs9QLbUdXB4t&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEDfmFDQ7bPn3dGGcU0gwL48?redir-setuniq=1&ext-param=AXcoOmQTfCQqYu2luaKFTQjHILKkkYlnSS1oMTS9ZXSs0Noa9g9torud-s1wfz6bvcTdU6_1lHBdpUjCdccTu2r-MY3WunAEZidVD0UxIgodoVypXs8JqVeyL0PDUA6nKdtJ1KZkHxtz7iQ-qs9QLbUdXB4t&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDfmFDQ7bPn3dGGcU0gwL48&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 190

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPiFri7Li7_z6hYzHs-qSz4&google_cver=1&google_push=AXcoOmQQeZN5IzOBtvRAzM97MQhqvqJEoISvdWq0FzweuVMym0qB54BV1JvU0gMKt52AmkDs-8KgWAylifTk-1IpgpB62qhAbml0uwGUXoYDw-r0BWH5yaH-QHBiNoEog-hjcfCfgQx1GDpxuZh9T3-CH3j0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f7e7d00c-2fb2-43ae-8841-80cb94072506&%%GOOGLE_PUSH_PAIR%%

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzKbSgLvJ0MCrufnIDJKis&google_cver=1&gdpr=0

Request Chain 211

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&google_hm=2

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENf0TJnCtnhjqhX30ymTPMI&google_cver=1

Request Chain 213

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Request Chain 217

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEG23Hz5YC4O7YZ70XXER4iI&google_cver=1&google_push=AXcoOmTcnrVjRpJeD39zC6Apa2tsaS7jhrYtWf3Kp0WoWWIHLV5XWM-Ea81sxnwpytCiagmT_lRmHZ-o1_h4BDtpyyVH7sYkCmKvWTJhiMQaYE6ECvUFQMfhUZacP7TW2b02mq1oGW5c60dYnGKRpCiqvlw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlRoREpzQ284WUVBQUkzVFgzTUFBQUFB HTTP 302
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBfOqfWtOjldhMCVWAyymKw&google_cver=1

Request Chain 218

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDb-XX1dTQYYjj2SlnGFhoA&google_cver=1&google_push=AXcoOmSVD53CWdI17UVJj1EgsVWfeYw3yCWeDYwc64067AB_Kdbe8TKaMiCnmYYjLOv-tZSLJDKpkibzNvjysw6bKGmfg8Cs7AN531kjOy4EJqHxng-Nd1EzdnfTVZz12IuDtxekM0dWaCZ-SmNwn4SOX9Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmSVD53CWdI17UVJj1EgsVWfeYw3yCWeDYwc64067AB_Kdbe8TKaMiCnmYYjLOv-tZSLJDKpkibzNvjysw6bKGmfg8Cs7AN531kjOy4EJqHxng-Nd1EzdnfTVZz12IuDtxekM0dWaCZ-SmNwn4SOX9Q

Request Chain 220

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIMTwDnxnwgjEvHlE75FLmE&google_cver=1&google_push=AXcoOmSiS_MEKNN2FSbKWVPJ6YO2xbjQ48-6HrGz70O646QA4h_qiXJkkERmVB5T2sO6qJUgcb8zWQYi6G2pDEHfvY5wSa20qVyW_azXpV7J-MZFCRATbe5EL-J2YVV_Cw7KSlR0iFs_O-t6NpGzbM_B_2U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSiS_MEKNN2FSbKWVPJ6YO2xbjQ48-6HrGz70O646QA4h_qiXJkkERmVB5T2sO6qJUgcb8zWQYi6G2pDEHfvY5wSa20qVyW_azXpV7J-MZFCRATbe5EL-J2YVV_Cw7KSlR0iFs_O-t6NpGzbM_B_2U

Request Chain 221

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGoYq-4ci1j2bHLrZ1taRzQ&google_cver=1&google_push=AXcoOmQDt_CYc-jM5-YYLNCa8peusK68QhD3k92Z28TxVw2iUTa9y6ug5g0mvtIzMno7RwhCkNwXRHIf2nGsqE9QqBbuD6Y6QEIlmIuaSZnDznHerXL5KHa489ZomZNC2PluFSFdLmJd5AUJMeRni10a9gg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQDt_CYc-jM5-YYLNCa8peusK68QhD3k92Z28TxVw2iUTa9y6ug5g0mvtIzMno7RwhCkNwXRHIf2nGsqE9QqBbuD6Y6QEIlmIuaSZnDznHerXL5KHa489ZomZNC2PluFSFdLmJd5AUJMeRni10a9gg&google_gid=CAESEGoYq-4ci1j2bHLrZ1taRzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3NTgyMzM5ODUzNzk0MjUxMTc2&google_push=AXcoOmQDt_CYc-jM5-YYLNCa8peusK68QhD3k92Z28TxVw2iUTa9y6ug5g0mvtIzMno7RwhCkNwXRHIf2nGsqE9QqBbuD6Y6QEIlmIuaSZnDznHerXL5KHa489ZomZNC2PluFSFdLmJd5AUJMeRni10a9gg

Request Chain 222

https://cs.media.net/cksync?type=g&google_gid=CAESEMe6Yey6wRwTp0Q4opAIs_U&google_cver=1&google_push=AXcoOmQMEfPWsGZfey62K2Ddlzx7n9HFYYD4b2ppEctDOuR3zV-O0H6HR4qwFTNyfaF_wpAlMgnCK0IHoZaoio0IbFYM40KCMsZ-BV_HgGwPhe537y218C9Lp9wYGDloBrEnaqKlC32aGXI_fxk312xDLA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&mn_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQMEfPWsGZfey62K2Ddlzx7n9HFYYD4b2ppEctDOuR3zV-O0H6HR4qwFTNyfaF_wpAlMgnCK0IHoZaoio0IbFYM40KCMsZ-BV_HgGwPhe537y218C9Lp9wYGDloBrEnaqKlC32aGXI_fxk312xDLA&gdpr=&gdpr_consent=

Request Chain 239

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOrcy5ddgIx_LK16avFmufE&google_cver=1&google_push=AXcoOmQ19bTp4FmtUxJhfWKbvvjRploYEJYlfhfFVp_heiKc6Vai3CKflxO2zj6-09qPDtzqmTHtpguFYl2xpe7HikZVvDbMuyo HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7e0f706b44a31fb1&is_secure=true&networkId=14000&version=1&google_gid=CAESEOrcy5ddgIx_LK16avFmufE&google_cver=1&google_push=AXcoOmQ19bTp4FmtUxJhfWKbvvjRploYEJYlfhfFVp_heiKc6Vai3CKflxO2zj6-09qPDtzqmTHtpguFYl2xpe7HikZVvDbMuyo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALP9sGfvdl1gN6Fx3AAAAAAAA&expiration=1698272423&google_cver=1&is_secure=true&google_gid=CAESEOrcy5ddgIx_LK16avFmufE&google_push=AXcoOmQ19bTp4FmtUxJhfWKbvvjRploYEJYlfhfFVp_heiKc6Vai3CKflxO2zj6-09qPDtzqmTHtpguFYl2xpe7HikZVvDbMuyo

Request Chain 240

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEK1TUXwtQ1uX7BLd_7OXzxk&google_cver=1&google_push=AXcoOmSD6PGAFDnWXsmk5ye5UmC1aR9BPFb93Vby5fHmxEPT4zgljObC1dfW_tnebLFAXrFropbzxd2tgKv-PwUpdbA2IClwDGE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSD6PGAFDnWXsmk5ye5UmC1aR9BPFb93Vby5fHmxEPT4zgljObC1dfW_tnebLFAXrFropbzxd2tgKv-PwUpdbA2IClwDGE

Request Chain 242

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBl2jyCgIKsH-FjImssRR38&google_cver=1&google_push=AXcoOmQCiUnB-AXb0AQPOpPjvZBCIYmit3umJDL2VVEOzCDF2JnXexEvCV6d94PQAVS6rcuz8NMkjqXa5bMPNqkTZjYjsfPPQG4 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=3b5a4c90e3&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=3b5a4c90e3&gdpr=0&gdpr_consent=&dcc=t

Request Chain 243

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH8Ml1Yp-9tYMon5VtTdu6A&google_cver=1&google_push=AXcoOmR-7-jQ1WRUJ8lvxnk8qbB-0t9RDA2VWow1ti2PCeV_bzImHEKa1DQ0UQoHxXDD73rFp0tzPh-qx3lSmvDB1tKOktdZprM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-7-jQ1WRUJ8lvxnk8qbB-0t9RDA2VWow1ti2PCeV_bzImHEKa1DQ0UQoHxXDD73rFp0tzPh-qx3lSmvDB1tKOktdZprM

Request Chain 244

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEGv40Svr6T32jaXai69ts-o&google_cver=1&google_push=AXcoOmQXBAbaibdmPpF8x5K1xJe9W7QRv3iGJ0Rf-2-FGIhuCVtICP8lpGhaOToC0VhWdo3y3u0d4JiC9C7IHcSCh8pJQxF9GDI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQXBAbaibdmPpF8x5K1xJe9W7QRv3iGJ0Rf-2-FGIhuCVtICP8lpGhaOToC0VhWdo3y3u0d4JiC9C7IHcSCh8pJQxF9GDI&google_hm=QlMuNDdmMy01MmM4LTQ3YTctYjY1Yw==

Request Chain 245

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEFLYugXIv7wtuBbIyYlH4zg&google_cver=1&google_push=AXcoOmRFccR2i7AAjziBL0bYqyUF2CBAsStgYN985ceQkyFPVukF3b3BQDYuIyiHCZ23oUsXp6zF2_DYlrmWiYX-q8r5LOKhRSNr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRFccR2i7AAjziBL0bYqyUF2CBAsStgYN985ceQkyFPVukF3b3BQDYuIyiHCZ23oUsXp6zF2_DYlrmWiYX-q8r5LOKhRSNr

Request Chain 250

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&gdpr=0

Request Chain 251

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&google_hm=2

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENf0TJnCtnhjqhX30ymTPMI&google_cver=1

Request Chain 253

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Request Chain 262

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHQUo7xmSL7LgCCplflLRPc&google_cver=1&google_push=AXcoOmQD1KSPSK-SknDMeQOanJAbjgpFhSIir4JMU-yF4RI86pvaMWO38gj33i-FwDXGH6fgq6yumVf3F8Ccm2_pRtz669urXJShsEoDcsu_quunqBs9-fgSdpNmPyCpL7VK2igjz8UBojGsMlCz4lpkSQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1NjUxMjIyMzQzOTAwNjM1Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAIE0y1_hiegC6dtoyMJ1K0&google_cver=1

Request Chain 263

https://um.simpli.fi/gp_match?google_gid=CAESEKijhhSTR8Td0RnrHuT2y8c&google_cver=1&google_push=AXcoOmTLifcSNu3gIT6mjkptY1sRS8RfO44_JQPxgREJRe41DtlLzKmtAxMpJ1hW8ILv7waBxv1I5eA_9ZkgDxc4T86lkWh0E0GH0p2Z7nw9SlWzdwd0Fr7LTqppY95XWDJqnh-EQ_POqwlX9EtjCm1Pa0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FBBF24503E4D4589B2612C2E2E194786&google_push=AXcoOmTLifcSNu3gIT6mjkptY1sRS8RfO44_JQPxgREJRe41DtlLzKmtAxMpJ1hW8ILv7waBxv1I5eA_9ZkgDxc4T86lkWh0E0GH0p2Z7nw9SlWzdwd0Fr7LTqppY95XWDJqnh-EQ_POqwlX9EtjCm1Pa0M

Request Chain 264

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEAOdqg0uaBicQex62cn6Si4&google_cver=1&google_push=AXcoOmQ3QrZQJPiAnbu_Dxq9fNob-QPrd1cUuQ_Y5zxtXvbGQuFi8lKZB-5RjQN62cdPJW2qClxuuqjn0qL-ziIxPF145LrnUhwF4boH1MKtRxWmoCGmg8YwWIPFXASZTcYEEgSTOcxP26_LogS896nob68 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQ3QrZQJPiAnbu_Dxq9fNob-QPrd1cUuQ_Y5zxtXvbGQuFi8lKZB-5RjQN62cdPJW2qClxuuqjn0qL-ziIxPF145LrnUhwF4boH1MKtRxWmoCGmg8YwWIPFXASZTcYEEgSTOcxP26_LogS896nob68&google_hm=NTcwTUtOMDBkQkRITjAwNm9oMVM

Request Chain 265

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENzLTVHzeszufgdsO0tpGjA&google_cver=1&google_push=AXcoOmQswF0IAY7-C57KZk25GUZ8s9b3cm-vEP3P7LNLuIm2HM-m4xQ-kUWq6x0RYDn440toO9gqMI6klPgI09w5X8_DJzqKuMPFKCf-pLghArZlgJNfLwEIvVSSXz3xI7O43LCHLbkx_8EKEbNNPpvk9R4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmQswF0IAY7-C57KZk25GUZ8s9b3cm-vEP3P7LNLuIm2HM-m4xQ-kUWq6x0RYDn440toO9gqMI6klPgI09w5X8_DJzqKuMPFKCf-pLghArZlgJNfLwEIvVSSXz3xI7O43LCHLbkx_8EKEbNNPpvk9R4

Request Chain 266

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEucHrWBzW-XAKnQSq8awjI&google_cver=1&google_push=AXcoOmSXhsrY4Mcym6ZgRXg9GzAbTC403oENXKRB0_M7_r1KWPjhAZtrlbIVnhMW9eAycb6GiOH9jQqCVzfNhT8hodRlyfDf9hkglaBRWS2JywDJTvwk6CKkXhYj8Vqikni6J4VcPlSZbUhIBmW8qw05g1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3NTgyMzM5ODUzNzk0MjUxMTc2&google_push=AXcoOmSXhsrY4Mcym6ZgRXg9GzAbTC403oENXKRB0_M7_r1KWPjhAZtrlbIVnhMW9eAycb6GiOH9jQqCVzfNhT8hodRlyfDf9hkglaBRWS2JywDJTvwk6CKkXhYj8Vqikni6J4VcPlSZbUhIBmW8qw05g1c

Request Chain 267

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEIBwgATDME0t5iWm71QxiBE&google_cver=1&google_push=AXcoOmQxRjqI4-eu5wIIWPF72WeQaIwiLdTD7YLFPQKshCCIWnA3H9uocdrGWycFXAGR350arbooCRW7PMkLjh9r_TB16odkcmRRkP2BBdpn9GNxinzaDcndaMigz89WQy-wHYRDokJR-QvJxzNxOU_g_4nM HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEIBwgATDME0t5iWm71QxiBE&google_push=AXcoOmQxRjqI4-eu5wIIWPF72WeQaIwiLdTD7YLFPQKshCCIWnA3H9uocdrGWycFXAGR350arbooCRW7PMkLjh9r_TB16odkcmRRkP2BBdpn9GNxinzaDcndaMigz89WQy-wHYRDokJR-QvJxzNxOU_g_4nM&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQxRjqI4-eu5wIIWPF72WeQaIwiLdTD7YLFPQKshCCIWnA3H9uocdrGWycFXAGR350arbooCRW7PMkLjh9r_TB16odkcmRRkP2BBdpn9GNxinzaDcndaMigz89WQy-wHYRDokJR-QvJxzNxOU_g_4nM&google_hm=azY5YWlxN185UkFTYmJkUFFUamQ=

Request Chain 268

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEE85XMoQfnb2TEgJ_NImPXg&google_cver=1&google_push=AXcoOmQB7Kr00hl2jQncMVF7noQp_KWEJyFiBe6Ce-xbDXIXaek9Xsvz17PA_edFIZ5kUK78rgYrvjcAt3nOrbKfHrvNwtwdG4qpGHSeA6K5ZeJrtfeYfmcmWsETKWDovTaFPsxbNgtmp2-y8wmjRZhfNyw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c2e7481e-9af7-4f04-a5c4-e5d1b45ecb2f&google_cver=1&google_gid=CAESEE85XMoQfnb2TEgJ_NImPXg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQB7Kr00hl2jQncMVF7noQp_KWEJyFiBe6Ce-xbDXIXaek9Xsvz17PA_edFIZ5kUK78rgYrvjcAt3nOrbKfHrvNwtwdG4qpGHSeA6K5ZeJrtfeYfmcmWsETKWDovTaFPsxbNgtmp2-y8wmjRZhfNyw&gdpr=${GDPR}

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN8B7e-UkNSAC_5Py-Fb9FU&google_cver=1&gdpr=0

Request Chain 303

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgBD9C-w1M1OjhkPRCZAlA&google_cver=1&google_hm=2

Request Chain 304

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENslFmh0to2hUrFgrcmU24M&google_cver=1

Request Chain 305

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Request Chain 316

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOWV1T0MVvacPAIp-Tsr_9g&google_cver=1&google_push=AXcoOmSb1oLpElt8H3ZRW8g-5kOS8rN2Yddpe0lo8fMMZ1sOM8ihRbk0M8K4MOd6W3nuDTizVquPp0TuLSJXkuiUMu_Oo0NxH4w HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOWV1T0MVvacPAIp-Tsr_9g&google_push=AXcoOmSb1oLpElt8H3ZRW8g-5kOS8rN2Yddpe0lo8fMMZ1sOM8ihRbk0M8K4MOd6W3nuDTizVquPp0TuLSJXkuiUMu_Oo0NxH4w&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSb1oLpElt8H3ZRW8g-5kOS8rN2Yddpe0lo8fMMZ1sOM8ihRbk0M8K4MOd6W3nuDTizVquPp0TuLSJXkuiUMu_Oo0NxH4w&google_hm=bDkyQWY2a0FWbGFiaEQzU210c2Y=

Request Chain 317

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEICTmwpeFcAgCvbBODlvSvk&google_cver=1&google_push=AXcoOmQWOV50oC-XF4317TaHJLwp3kiDyqjJAZAzZpHCmohgA2SOonXUFrBgVds3c34ojpjAo73mP9LuGnRS_dwUfH8NU1wzjZlJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmQWOV50oC-XF4317TaHJLwp3kiDyqjJAZAzZpHCmohgA2SOonXUFrBgVds3c34ojpjAo73mP9LuGnRS_dwUfH8NU1wzjZlJ

Request Chain 318

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF8oCTwoPjME9U-gV1kobG8&google_cver=1&google_push=AXcoOmRXPXuw0vu6oSinph2w3IpW7fkP2c_Tm_Q4qXdzQqRjWMZUagrA_HPYvS_MKszpQ0JTBIvvshWnc3TLubXDQtym02zn367u HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80VzQyQVotRy1LWTMy&google_push=AXcoOmRXPXuw0vu6oSinph2w3IpW7fkP2c_Tm_Q4qXdzQqRjWMZUagrA_HPYvS_MKszpQ0JTBIvvshWnc3TLubXDQtym02zn367u

Request Chain 319

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEriQ9FG9GdLkuQT_EpElDk&google_cver=1&google_push=AXcoOmT9R4LDtvu-ZJgqnM8WKaR33NYCM-iiaPx47WVb-AUeMT9ggfAMCi22MZh4M9bXt4xoKQBgynBx3iU-P_uGUCgikwy6TZ6f HTTP 302
https://sync.outbrain.com/cookie-sync?p=smaato&uid=3b5a4c90e3&gdpr=0&gdpr_consent=

Request Chain 320

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEFyn7WEdWiekfDWhKUzMbWA&google_cver=1&google_push=AXcoOmSQGir1XZSCX9ePLVf2XR02dINoZbc8nS_OpwA3FpBolXVQYb6XFWf1GzKx1MnHw1vma_ahDl-XHiL4BkILl_OzRWYxPeqX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSQGir1XZSCX9ePLVf2XR02dINoZbc8nS_OpwA3FpBolXVQYb6XFWf1GzKx1MnHw1vma_ahDl-XHiL4BkILl_OzRWYxPeqX&google_hm=AWaF1mJZxUlkqd8oZRCN54I

Request Chain 322

https://sync.gonet-ads.com/match/google?google_gid=CAESELvNBtjJ58wHyCBt40ClbXc&google_cver=1&google_push=AXcoOmQbt-lQ4u6V3SSQZzdm98yswFuh1kinNbBmp5TsbrT3FVPk5CG_mpKl9pCh4m_c4HUxERJ7Et0Axi6acFnOlfRafRVE_Z7NqA HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESELvNBtjJ58wHyCBt40ClbXc&google_cver=1&google_push=AXcoOmQbt-lQ4u6V3SSQZzdm98yswFuh1kinNbBmp5TsbrT3FVPk5CG_mpKl9pCh4m_c4HUxERJ7Et0Axi6acFnOlfRafRVE_Z7NqA&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MWU4Y2Y1MDhhZDg2MTFjZQ&google_push=AXcoOmQbt-lQ4u6V3SSQZzdm98yswFuh1kinNbBmp5TsbrT3FVPk5CG_mpKl9pCh4m_c4HUxERJ7Et0Axi6acFnOlfRafRVE_Z7NqA HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MWU4Y2Y1MDhhZDg2MTFjZQ&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

363 HTTP transactions
23 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
dulichkhanhhoa.net/ 2 KB
2 KB 446ms
205ms Document
text/html 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 2f26017c206668e9c6d321d31e0f139d4c6f9ee5579242ed47aeaa4a8c00cb59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-length: 1262
content-type: text/html; charset=UTF-8
date: Tue, 24 Oct 2023 22:20:19 GMT
link: <https://dulichkhanhhoa.net/wp-json/>; rel="https://api.w.org/" <https://dulichkhanhhoa.net/wp-json/wp/v2/pages/294>; rel="alternate"; type="application/json" <https://dulichkhanhhoa.net/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding

POST
H2 200 Primary Request / Show response
dulichkhanhhoa.net/ 164 KB
32 KB 1533ms
1532ms Document
text/html 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: b8ed282fd7ad8f9c707469eba260bb602201dcb656d767ce0f5bee29701bcee6

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 24 Oct 2023 22:20:19 GMT
link: <https://dulichkhanhhoa.net/wp-json/>; rel="https://api.w.org/" <https://dulichkhanhhoa.net/wp-json/wp/v2/pages/294>; rel="alternate"; type="application/json" <https://dulichkhanhhoa.net/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 flatsome.js
dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/ 0
16 KB 6ms
5ms Other
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/flatsome.js?ver=43f05e0ca79aa585a6aa
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "ce76-650472cd-11c35d1f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 15778
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 chunk.slider.js
dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/ 0
13 KB 7ms
6ms Other
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.17.7
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "c2f9-650472cd-11c35d1d;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12888
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 chunk.popups.js
dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/ 0
7 KB 7ms
6ms Other
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.17.7
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "4e49-650472cd-11c35d1c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6933
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 chunk.tooltips.js
dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/ 0
10 KB 7ms
7ms Other
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.17.7
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "9bb4-650472cd-11c35d1e;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9688
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 dashicons.min.css
dulichkhanhhoa.net/wp-includes/css/ 58 KB
34 KB 8ms
7ms Stylesheet
text/css 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-includes/css/dashicons.min.css?ver=6.3.2
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
content-encoding: br
last-modified: Thu, 31 Aug 2023 13:04:06 GMT
server: LiteSpeed
etag: "e688-64f08fc6-7409b06;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 35099
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 flatsome.css
dulichkhanhhoa.net/wp-content/themes/flatsome/assets/css/ 143 KB
27 KB 12ms
12ms Stylesheet
text/css 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.17.7
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 4387eb7ea7f12940f0ae2ed520ffdb574db31458a27724db49fdedaa32d719fd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "23b05-650472cd-f001fb8;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 27285
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 style.css
dulichkhanhhoa.net/wp-content/themes/tbttravel/ 298 B
306 B 19ms
19ms Stylesheet
text/css 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/tbttravel/style.css?ver=3.0
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: ebc67057d5cc3145508ce6bc4196ecaeff2f9a165e4139396e5eabf310a4f629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2023 13:04:03 GMT
server: LiteSpeed
etag: "12a-64f08fc3-d8021f3;gz"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 jquery.min.js Show response
dulichkhanhhoa.net/wp-includes/js/jquery/ 85 KB
29 KB 20ms
19ms Script
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
content-encoding: br
last-modified: Thu, 31 Aug 2023 13:04:07 GMT
server: LiteSpeed
etag: "155ba-64f08fc7-381a103;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 29574
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 27ms
12ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-159561376-1

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1ccefca74eb3ed8bc6805a7da6667010c20b4525ec40fa8f60ba59a7f2b81e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68597
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:19:25 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 24 Oct 2023 22:20:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 30ms
19ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6243045912649773

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c19e9159bffebe312b95d26434ed9fa6dea7caa07799fc5e633bfa83050e8fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Origin: https://dulichkhanhhoa.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51714
x-xss-protection: 0
server: cafe
etag: 5573972617632272297
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
89 KB 19ms
18ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7KNQJ25KES

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93de98c5e8303fdec0a91a9c99dde3b68f5ced6566961e6983b5d165f5b00e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90518
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 24 Oct 2023 22:20:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 59ms
21ms Script
text/javascript 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14172a2dec0e55ff74d546606eeb513a5d9a057d76b190ce0d3d1b0b9df2c29c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29182
x-xss-protection: 0
server: cafe
etag: 953 / 19654 / m202310190101 / config-hash: 6386123563653736403
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:20 GMT

GET
H2 200 ad.js Show response
member.profitsfly.com/dulichkhanhhoa.net/ 4 KB
1015 B 679ms
635ms Script
application/javascript 2606:4700:3032::ac43:825e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://member.profitsfly.com/dulichkhanhhoa.net/ad.js
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:825e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 65c6da2d2307597b6deedd8f99c382229db078c0b34938cfcb83472e94a10c28

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 10 Jun 2023 08:53:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"10bd-188a482de07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkj9QigWulgkML7zBv6FlgapnY%2BM4yzMmaGprhzFc0bITZMmB%2FGgLllBuaGI7sl%2BF3mfuqtL2CDGACCpwpxd3YdpOzD95qozFn78kJGoIjzmf93ERtsniG96t%2FOzniAP8sVVxcozidIC7wady4oBAf9%2B5Xc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 81b59b46e8cb4c03-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 pub-4684597535910488 Show response
fundingchoicesmessages.google.com/i/ 158 KB
52 KB 89ms
45ms Script
application/javascript 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-4684597535910488?ers=1

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1005cce8fb74bbdfebf8bef625d61ffc303a223c617560b23b427b179646869

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-875ExKW7pSzrg9z31xQ0RA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-875ExKW7pSzrg9z31xQ0RA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 du-lich-khanh-hoa.png
dulichkhanhhoa.net/wp-content/uploads/2022/01/ 6 KB
6 KB 23ms
22ms Image
image/png 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dulichkhanhhoa.net/wp-content/uploads/2022/01/du-lich-khanh-hoa.png
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: ca98e191826a25103ba06eebf913eab32bcf74cada31a17296db096ddfa5bbb9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
last-modified: Thu, 31 Aug 2023 13:04:02 GMT
server: LiteSpeed
etag: "18cb-64f08fc2-ec02c61;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6347
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 maldives-island-scaled.jpg
dulichkhanhhoa.net/wp-content/uploads/2022/01/ 569 KB
570 KB 9ms
8ms Image
image/jpeg 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dulichkhanhhoa.net/wp-content/uploads/2022/01/maldives-island-scaled.jpg
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: c9eb2d76ba1b18d0b0bc3e7591c1f0bbfe9380b924fd897f44cf1c5bb0c3a27f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
last-modified: Thu, 31 Aug 2023 13:04:02 GMT
server: LiteSpeed
etag: "8e565-64f08fc2-ec02c65;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 583013
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 fl-icons.woff2
dulichkhanhhoa.net/wp-content/themes/flatsome/assets/css/icons/ 7 KB
7 KB 42ms
41ms Font
font/woff2 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.17.7
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 8bdd2549e2df32257d86d141069f086600680d6132d18143617f0289d8926414

Request headers

Referer: https://dulichkhanhhoa.net/
Origin: https://dulichkhanhhoa.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "1b9c-650472cd-10806b5e;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7068
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
89 KB 18ms
17ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7KNQJ25KES&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159561376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17e59d7cbbff85ed15e13943b2836a366a6e4fa882cffd851409471bf4f2a301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90564
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 24 Oct 2023 22:20:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 48ms
15ms Script
text/javascript 2404:6800:4003:c1a::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159561376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Oct 2023 22:06:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 839
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 25 Oct 2023 00:06:22 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/ 394 KB
134 KB 60ms
35ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6243045912649773

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c666beb06a70a86ac283bc227e791509c04bc137dd616a43b33fbeeee9b0c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136862
x-xss-protection: 0
server: cafe
etag: 17747614531424389137
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/ Frame D70B 10 KB
5 KB 18ms
4ms Document
text/html 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6243045912649773

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 7790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 20:10:31 GMT
etag: 4569948109300706969
expires: Tue, 07 Nov 2023 20:10:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 verify.png
dulichkhanhhoa.net/wp-content/uploads/2022/02/ 2 KB
2 KB 5ms
4ms Image
image/png 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dulichkhanhhoa.net/wp-content/uploads/2022/02/verify.png
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: b05597847ea499bf34714b9c4c5c01f6e91d19807a5125f95283d619062c0312

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
last-modified: Thu, 31 Aug 2023 13:04:02 GMT
server: LiteSpeed
etag: "914-64f08fc2-f80201c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2324
expires: Tue, 31 Oct 2023 22:20:20 GMT

GET
H2 200 khu-vui-choi-giai-tri-vinpearl-nha-trang.jpg
dulichkhanhhoa.net/wp-content/uploads/2022/01/ 85 KB
85 KB 4ms
3ms Image
image/jpeg 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dulichkhanhhoa.net/wp-content/uploads/2022/01/khu-vui-choi-giai-tri-vinpearl-nha-trang.jpg
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 8750a21fdbda25e927372630d6cc9c3133ddd32093771f2b607f3124af8586a2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
last-modified: Thu, 31 Aug 2023 13:04:02 GMT
server: LiteSpeed
etag: "15291-64f08fc2-ec02e0e;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 86673
expires: Tue, 31 Oct 2023 22:20:21 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acbe33ef0db98bad422b28c619ecc574c82e0b2612557aa5ad7abf10d19f5e9f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6c01d0861ec221996835e60990b89acd6cf5eecee35a94c0ee598dcd5dfdcf4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d37876311c6c076f7db006a4e3e45f1743256ba237665d1d688df85199d1938c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6433100954ba9b56fa6d06472fa1b3d58a2fde7590a8f71b8dc8f2d3731330a1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d442646b87282c9572148a2886f7da47fb0292b18e8bd547193de54e3bb6c07

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe87c431052cc7cc10435ed06577fa7445debc3f0a57cf33529c226a61476893

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0f7cf4579da3229674588cddd1928ac11c40cb626a2b01afcbecba4b06bd783

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10948c06bb0ecf43f081d2b9dbd7767b5dd458e53c182ffa63d77bed9111bd61

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e77e4ca9670e02677c8c59e68fa936f07d89e57a0f6256caf38c0338c122c13f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7be3ae1af8ff759f0176c423b9f966c96d22ccfb68dbbec70a4b133ab476d472

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cde6bee439f3802237800a17f7a6021d0a3d2049bd0520318ca913cc49bf0b7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2bce10657147d3f6cc9320c9e5e4b5bcac4343f3d5c4167c876c5c6bff36935

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 button_please-wait.png
dulichkhanhhoa.net/wp-content/uploads/2022/02/ 2 KB
2 KB 9ms
8ms Image
image/png 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dulichkhanhhoa.net/wp-content/uploads/2022/02/button_please-wait.png
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 3c40eb5c60bea9ada809fe128bd412bc44eb7b70407ef0c25428b4147a655c4c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
last-modified: Thu, 31 Aug 2023 13:04:02 GMT
server: LiteSpeed
etag: "77e-64f08fc2-f80228c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1918
expires: Tue, 31 Oct 2023 22:20:21 GMT

GET
H2 200 button_ge-lik.png
dulichkhanhhoa.net/wp-content/uploads/2022/02/ 2 KB
2 KB 10ms
9ms Image
image/png 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dulichkhanhhoa.net/wp-content/uploads/2022/02/button_ge-lik.png
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: a61f1b72366bf365c560e149ec6a7d92e12bd871fe35df06cbfe8790e1a4e7bf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
last-modified: Thu, 31 Aug 2023 13:04:02 GMT
server: LiteSpeed
etag: "6ee-64f08fc2-f808752;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1774
expires: Tue, 31 Oct 2023 22:20:21 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 21ms
6ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7KNQJ25KES&gtm=45je3an0v874097012&_p=1486458287&_gaz=1&cid=841601102.1698186021&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1698186021&sct=1&seg=0&dl=https%3A%2F%2Fdulichkhanhhoa.net%2F&dt=%C4%90%E1%BA%A1i%20L%C3%BD%20Cho%20Thu%C3%AA%20Xe%2C%20B%C3%A1n%20Tour%20Du%20L%E1%BB%8Bch%20TBTTravel%20Nha%20Trang&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7KNQJ25KES
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 14ms
4ms Ping
text/plain 2404:6800:4003:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7KNQJ25KES&cid=841601102.1698186021&gtm=45je3an0v874097012&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7KNQJ25KES
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c00::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 21ms
10ms Image
image/gif 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7KNQJ25KES&cid=841601102.1698186021&gtm=45je3an0v874097012&aip=1&z=692411015

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dmca_protected_sml_120l.png
images.dmca.com/Badges/ 2 KB
3 KB 31ms
4ms Image
image/png 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120l.png?ID=0d7ca897-1377-4984-a61c-2466f50f335b
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 / ASP.NET
Resource Hash: 619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
cdn-edgestorageid: 868
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:46
cdn-pullzone: 1574055
content-length: 2122
last-modified: Tue, 04 May 2010 23:19:10 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "26b76633e0ebca1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: c706c1acd96afcd8202086584a2be9a2
accept-ranges: bytes
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
772 B 30ms
4ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:46
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: dbbcc68b1b20ca073f82ba294bf75495
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 flatsome-instant-page.js Show response
dulichkhanhhoa.net/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/ 3 KB
983 B 13ms
11ms Script
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 44d8986e61b7b212a93ba0c3a3a9c880420451d7efa7938d711dd03e655c0969

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "dd2-650472cd-d014b57;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 916
expires: Tue, 31 Oct 2023 22:20:21 GMT

GET
H2 200 flatsome-live-search.js Show response
dulichkhanhhoa.net/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 16 KB
5 KB 14ms
12ms Script
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.17.7
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 4c1f3df3646c27bf2afe2e6ebe2a6fc0e3d3cc19bbebb265f205efd0e55f9136

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "3f6d-650472cd-d800bde;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4686
expires: Tue, 31 Oct 2023 22:20:21 GMT

GET
H2 200 hoverIntent.min.js Show response
dulichkhanhhoa.net/wp-includes/js/ 1 KB
760 B 14ms
13ms Script
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
last-modified: Thu, 31 Aug 2023 13:04:06 GMT
server: LiteSpeed
etag: "5db-64f08fc6-c00181f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 669
expires: Tue, 31 Oct 2023 22:20:21 GMT

GET
H2 200 flatsome.js Show response
dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/ 52 KB
15 KB 15ms
14ms Script
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/js/flatsome.js?ver=43f05e0ca79aa585a6aa
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: 42b46b24a2ee476c97e71a347b6d3d738707d9b85dee0a0da536e9124f61b062

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "ce76-650472cd-11c35d1f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 15778
expires: Tue, 31 Oct 2023 22:20:21 GMT

GET
H2 200 flatsome-lazy-load.js Show response
dulichkhanhhoa.net/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/ 2 KB
600 B 15ms
15ms Script
application/x-javascript 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.17.7
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "933-650472cd-d4725bc;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 533
expires: Tue, 31 Oct 2023 22:20:21 GMT

GET
H2 200 underline.png
dulichkhanhhoa.net/wp-content/themes/flatsome/assets/img/ 1020 B
1 KB 11ms
11ms Image
image/png 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/img/underline.png
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.17.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: d772eda3430d031bfea1576d68fceb9813226ddd63857cceeba00205014a8538

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.17.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
last-modified: Fri, 15 Sep 2023 15:05:49 GMT
server: LiteSpeed
etag: "3fc-650472cd-10c01561;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1020
expires: Tue, 31 Oct 2023 22:20:21 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://dulichkhanhhoa.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 422 KB
132 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:54:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33945
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135316
x-xss-protection: 0
server: cafe
etag: 9779678222609117831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 23 Oct 2024 12:54:36 GMT

POST
H3 204 AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 40ms
30ms XHR
text/html 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.7gYXXyZmrvs.es5.O/am=CAM/d=1/rs=AJlcJMwjc8c__M7wuIqaG4To7rgGapYVAA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-y82UsTBaW01XEMiU_tHRVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-y82UsTBaW01XEMiU_tHRVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dulichkhanhhoa.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW00eaTvfCy-6XoinRarCWKgiNACOItJCd0wwkKjT8c9lsjcdBEBtemJ9Q0kCZQhGMQsr_3ej3j_IfrNRtosV-8JvEgXheZq5kSSjUD28JdAVxKNizNeZw8z89eFuM4i76w-R6j5A== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 56ms
56ms Script
application/javascript 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW00eaTvfCy-6XoinRarCWKgiNACOItJCd0wwkKjT8c9lsjcdBEBtemJ9Q0kCZQhGMQsr_3ej3j_IfrNRtosV-8JvEgXheZq5kSSjUD28JdAVxKNizNeZw8z89eFuM4i76w-R6j5A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MTg2MDIxLDI2OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kdWxpY2hraGFuaGhvYS5uZXQvIixudWxsLFtbOCwiN2dZWFh5Wm1ydnMiXSxbOSwiemgtQ04iXSxbNywiMCJdLFsxMSwiW1tdLFtdLFtdXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07458368824c45ff647007f0f4c25c138977001a3aba5759e93ba2165ce9f55d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uVJ7iJRWHMVwIuUjdXo2Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uVJ7iJRWHMVwIuUjdXo2Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
611 B 32ms
6ms Script
text/javascript 2404:6800:4003:c1c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dulichkhanhhoa.net&callback=_gfp_s_&client=ca-pub-6243045912649773

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744a7d88ae11e3a820a26f940c925cfa887e679205771ceda28d29b05c4d428f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C590 13 KB
2 KB 107ms
105ms Document
text/html 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6243045912649773&output=html&adk=1812271804&adf=3025194257&lmt=1698157221&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698186020997&bpp=7&bdt=176&idt=295&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4150220769492&frm=20&pv=2&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C31079080%2C44798934%2C44801484%2C44805112%2C44805534%2C44805932%2C44806738%2C31078297&oid=2&pvsid=3885881968441235&tmod=331706298&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=346

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1733e267fcf287d6027d972ff668cf93885f5d68c2edcb4b6e5b30d5fb66911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Tue, 24 Oct 2023 22:20:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 11ms
7ms XHR
text/plain 2404:6800:4003:c1a::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1486458287&t=pageview&_s=1&dl=https%3A%2F%2Fdulichkhanhhoa.net%2F&ul=en-us&de=UTF-8&dt=%C4%90%E1%BA%A1i%20L%C3%BD%20Cho%20Thu%C3%AA%20Xe%2C%20B%C3%A1n%20Tour%20Du%20L%E1%BB%8Bch%20TBTTravel%20Nha%20Trang&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1652978612&gjid=1495341410&cid=841601102.1698186021&tid=UA-159561376-1&_gid=2002704.1698186021&_r=1&gtm=457e3an0&jsscut=1&z=1306519381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
cdn.jsdelivr.net/fontawesome/4.7.0/fonts/ 75 KB
76 KB 564ms
181ms Font
font/woff2 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fontawesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dulichkhanhhoa.net/
Origin: https://dulichkhanhhoa.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 24 Oct 2023 22:20:21 GMT
x-content-type-options: nosniff
age: 19300831
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77160
x-served-by: cache-fra-eddf8230138-FRA, cache-maa10220-MAA
etag: W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 22195652661 Show response
fundingchoicesmessages.google.com/i/ 158 KB
51 KB 43ms
42ms Script
application/javascript 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22195652661?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40f4e16b51f5b6d6486fadad53a0babffe112e4f806d93b6150d88423cdda4b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GzseOHYjLnxih8lfC1WNdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-GzseOHYjLnxih8lfC1WNdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 maldives-island-scaled.jpg
dulichkhanhhoa.net/wp-content/uploads/2022/01/ 569 KB
0 9ms
8ms Image
image/jpeg 15.235.140.15
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dulichkhanhhoa.net/wp-content/uploads/2022/01/maldives-island-scaled.jpg
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.140.15 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-004b4c1e.vps.ovh.ca
Software: LiteSpeed /
Resource Hash: c9eb2d76ba1b18d0b0bc3e7591c1f0bbfe9380b924fd897f44cf1c5bb0c3a27f

Request headers

Referer

Response headers

date: Tue, 24 Oct 2023 22:20:19 GMT
last-modified: Thu, 31 Aug 2023 13:04:02 GMT
server: LiteSpeed
etag: "8e565-64f08fc2-ec02c65;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 583013
expires: Tue, 31 Oct 2023 22:20:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 6ms
4ms XHR
text/plain 2404:6800:4003:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-159561376-1&cid=841601102.1698186021&jid=1652978612&gjid=1495341410&_gid=2002704.1698186021&_u=YADAAUAAAAAAACAAI~&z=1791947426

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 24 Oct 2023 22:20:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
25 KB 198ms
198ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021554&lmt=1698157221&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=1518058837&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c21225a208ff6c02d80de756d1e2be99e75f73b3db623aab6949de51c860267e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25620
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 060B 6 KB
3 KB 47ms
6ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Wed, 23 Oct 2024 22:20:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 39 KB
13 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0814ceb83311ca54fa848a9a31915d46a05013536d38aa50abebb7cf223edf57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 01:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75862
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13704
x-xss-protection: 0
server: cafe
etag: 12852200075146428686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 23 Oct 2024 01:15:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 13ms
12ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=3885881968441235&vrg=202310190101&nw_id=22195652661&nslots=13&eid=31078979&pub_url=https%3A%2F%2Fdulichkhanhhoa.net%2F&fc=1&tcfv1=0&tcfv2=1&usp=0&ptt=17

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 381ms
381ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021608&lmt=1698157221&adxs=240&adys=200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=1120x607&msz=1120x0&fws=4&ohw=1600&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=607353797&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744238ec9e2d7ec0598066ad3df2a59ae389ac540643f3e50af3b858c8d858ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11097
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
45 KB 824ms
822ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x120%7C728x90&ifi=4&sfv=1-0-40&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021613&lmt=1698157221&adxs=240&adys=5374&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=1120x0&msz=1120x0&fws=4&ohw=1600&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=522609734&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a1fb01677c3282262ca6d8830baa5e44c44408221045121d6d8f6b8ed596c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46052
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
16 KB 2307ms
2305ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=980x120%7C728x90%2C320x100%2C320x100%2C320x100%2C300x250%7C250x250&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021616&lmt=1698157221&adxs=-9%2C-9%2C-9%2C-9%2C346&adys=-9%2C-9%2C-9%2C-9%2C886&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C0&ucis=4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1&fws=2%2C2%2C2%2C2%2C4&ohw=0%2C0%2C0%2C0%2C300&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=522609735%2C442543346%2C442543347%2C442543356%2C689883503&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4464712ab7d00b27f4513d7540a3fa8324a089e5d7908b5dd4b7e72a484eb7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16371
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
45 KB 1218ms
1216ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&ifi=10&sfv=1-0-40&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021618&lmt=1698157221&adxs=650&adys=886&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=689883488&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

746686449d21268c342f3081d5204335bae8a95254d81a8b5df1e8a1d0c0d7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46091
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
45 KB 1033ms
1032ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&ifi=11&sfv=1-0-40&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021620&lmt=1698157221&adxs=954&adys=886&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=689883489&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cfcfa8e803df7ad0f40497a37ecd20cee0b77c40dc975d9ad64fedcc0e39271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45767
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
42 KB 1929ms
1928ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=12&sfv=1-0-40&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021623&lmt=1698157221&adxs=498&adys=200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=1535702786&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab92de96770ce893043d04eee08f4298f07ebd5fb0d4a80b9f5d75885ade52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43356
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
43 KB 618ms
617ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=13&sfv=1-0-40&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021625&lmt=1698157221&adxs=802&adys=200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=1535702787&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c53a77b42bd4e9ef0e0658c65bf453f720b5e7813ac4cb456bf2390431ac5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43713
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 393 B
182 B 1479ms
1478ms Fetch
text/plain 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885881968441235&correlator=1735400455013537&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&gdpr=0&iu_parts=22195652661%2Cdulichkhanhhoa.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=14&sfv=1-0-40&sc=1&cookie=ID%3D314dd490cb5f1542-227382c87a8000e1%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog&gpic=UID%3D00000d9c510875e0%3AT%3D1698186021%3ART%3D1698186021%3AS%3DALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA&abxe=1&dt=1698186021628&lmt=1698157221&adxs=650&adys=4508&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdulichkhanhhoa.net%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=841601102.1698186021&ga_sid=1698186021&ga_hid=1486458287&ga_fc=true&dlt=1698186020821&idt=592&adks=1535702796&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce236d7a7d0230204ee76edf6741e13ec8b12e30ec62e1d10b38eb0e1fd25bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dulichkhanhhoa.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A8D 6 KB
3 KB 32ms
30ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Wed, 23 Oct 2024 22:20:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 3A8D 4 KB
1 KB 35ms
11ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:11:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Oct 2023 22:20:21 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 7005 94 KB
36 KB 59ms
29ms Script
text/javascript 184.51.96.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUL26IV2&ydspr=1

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.96.30 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-96-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1e39fae5bd620ed602612bf9204b25c37b0d02e24c40c81927d5bc648343118b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-mnt-h: 22-5h9m
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 24 Oct 2023 22:20:21 GMT
server: Apache
etag: "fb040230102b790aa9ba2b1f6fa8b5b5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-5h9m
timing-allow-origin: *
content-length: 36198
expires: Tue, 24 Oct 2023 22:25:21 GMT

GET
H2 200 release-20230927-130-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 7005 72 KB
25 KB 813ms
9ms Script
application/javascript 23.36.48.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230927-130-adperformance.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.48.24 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-48-24.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1dbd18c0aa6071222d773de0ac1cde277406e857cf0b9c88cbf2035480857bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Tue, 24 Oct 2023 22:20:22 GMT
x-guploader-uploadid: ADPycdtApGdzwY47QUUQGg5FKrh3KblAvZXx_xJtV0mkRk1rPRUEDmCUajGzZKeqUE-f4FBN6PoaIzmhUU2KKTqSNvrrmG6NxJXT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25148
server: UploadServer
etag: "1eb27acd7f471c38284a9857c37daa7f"
vary: Accept-Encoding
x-goog-hash: md5=HrJ6zX9HHDgoSphXw32qfw==, crc32c=3FtsVQ==
content-type: application/javascript
x-goog-generation: 1697195146284262
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Tue, 24 Oct 2023 23:20:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 7005 3 KB
1 KB 34ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 7005 20 KB
9 KB 32ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7005 0
0 76ms
49ms Image
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLcvtLp10Ey1kF-cjDOUsTxtbJUtwYKvQodiDLeYNOdaCrgarF1Go9l3dJJ4HNnfjdXZ3vIb5fIJUO7m2025Rm7J5B7A
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7005 24 KB
7 KB 34ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Oct 2024 22:34:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7005 187 KB
59 KB 58ms
7ms Script
text/javascript 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:21 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 3A8D 20 KB
9 KB 34ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 19:07:49 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame BC46 77 KB
30 KB 293ms
292ms Document
text/html 184.51.96.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2881&&kkdd=*W%7CH%7Cn9*A&VG=Zqz.Z.qA9Z6z9Ozb..6&Mt4f=A&Fg4H=A&ktV=ZAz.&)gk(=Q9zq&kGt=.i5Q9qRC9&k4kt=Aq26zrjG*m7RU*Z8OcLdFl%3D%3D&kfGt=q6ddZO6Ab&gGP(=O9Ao6.A&kk=J*&kaUF=ul7nKB0&4Gt=.XKmqh.C6&)4Gt=YZ~Oqq.&a))4g=Z&fff=)P7DaQk!DQ.fnq49uxQ7U-Lj1zbbiQxD2c51bdi_a*~%3D&_8fT=a))4g%3A%2F%2FtE!Gka_aHUaarHpU()&(_8fT=8bb~2%3AJJKoI.B858ZP88FZpPmb&Ug(=d&!8=Z&EMt=6&Ht)Z=.i5667ObK&Ht)9=bObZ6..qb&1tH)H=y1o3!(U%3DZ969y1a4%3DAy1Gt%3DApA9Ay1o3HUk(g)rf%3DODOSdDOSZ.DOS9ADOy1o3HgU%3DAy1o3(o4%3DAy1o3MGUgE%3DAy1o3GU)Ft%3DAy1o3fa%3D6bc~24I.uWy1o3f4k%3DAAZAAAZy1o3gGP(%3DO9Ao6.Ay1o3)FHo%3D9dAy1o3)F!3gETTGo%3D%2FykG)L%3DJRB*lXK7~yk_3T!%3D9ytk%3DMk4DH4HkDg(ZD1ytFF3tZ%3DAytFF3tZA%3DAytFF3tZ9%3DOytFF3tZ6%3DAytFF3tZd%3DZytFF3tZq%3DOytFF3tZb%3DZytFF3tZ.%3DZdytFF3tZz%3DZAAAytFF3t9%3DYytFF3t9Z%3DDZytFF3t99%3DApAOytFF3t96%3DdytFF3t9d%3Dt(T3t(TytFF3t9.%3DdytFF3t9z%3DApAAytFF3tO%3DAytFF3tOA%3DAytFF3tO9%3DZytFF3tOO%3DAytFF3tOq%3DBlytFF3tOb%3DYytFF3t6%3DZAytFF3t6A%3DAytFF3t69%3DAytFF3t6O%3DAytFF3t66%3D4frtytFF3t6d%3DAytFF3t6q%3D7ytFF3tdZ%3DAytFF3td9%3DApAAytFF3tdq%3DAytFF3tb%3DAytFF3t.%3DAytFF3!%3DApA6AytFF3FZ%3DApA6qytFF3FZA%3DZpAAAytFF3FZZ%3DZpAAAytFF3FZ9%3DApdO9ytFF3FZO%3DZpAAAytFF3FZ6%3DZpAAAytFF3FZd%3DApzzbytFF3FZq%3DApZZbytFF3F9%3DApAbdytFF3F9Z%3DZpAAAytFF3F9O%3DZpAAAytFF3F96%3DZpdzOytFF3F9d%3DZpAAAytFF3F9z%3DZpAAAytFF3FO%3DZpAAAytFF3FOA%3DZpAAAytFF3FO9%3DApAZAytFF3FO6%3DZpAAAytFF3FOd%3D9pAAAytFF3FOq%3D9pAAAytFF3FOz%3D6pAAAytFF3F6A%3D6pAAAytFF3Fd%3DZpAAAytFF3FdZ%3D9pAAAytFF3Fd9%3DAp9AAytFF3FdO%3DApdAAytFF3Fd6%3DdpAAAytFF3Fdd%3DApdAAytFF3Fdb%3DZpAAAytFF3Fdz%3DZpAAAytFF3Fq%3DZpAAAytFF3Fb%3DApOO6ytFF3FbO%3D9pAAAytFF3Fb6%3D9pAAAytFF3Fz%3DZpAAAytFF3f%3DApZZby(3f4F%3DApA6qy(f4F%3DApA6qyak%3DA%20%2B%20AyGaH%3DAyG)L4(%3Dlceyf3kk%3DJ*yf3G4%3D9AAZDAtTZDA.AADAAAADAAAADAAAADAAAADAAAAyf3gk%3DAZyf1r%3Dd3Oyf(T3kU)%3DAyg(!!(f3)HM3Gt%3DZdZ.Ad..Obyg)t%3DZdZ.Ad..ObyV1f%3DAyk1t4%3DApAZZygt%3DZyG)L4(3Gt%3DZbyg(!!(f3)HM3Gt%3DZdZ.Ad..ObygE44!L3)HM3Gt%3Dyt()(k)(t3)HM3Gt%3DyVG(8H1G!G)L%3DAp9y4rg%3DZyHk3)L4(%3DZyHt1!_%3DZdZ.Ad..ObyHF4%3DZyrM1Gt%3DApA9Ay1T!f%3DApAZAygEGt%3Dil~J~KP7s(*.~*YR)g7tU(Q1J)0yt)k%3DH4Hk3gMytFF3(f4F%3DTH!g(ytFF%3DaHfFrULy1t4kH4t%3DAytH!M%3Dt(THE!)yGUg!%3DZygr14%3DyoGt%3DlceD4E1D6.z6b9dbzzAA9qq6ya)F!%3DZytkE)%3D6dytrM1%3DADZy(k43Eg(t%3D1(!r83sdAy(k4349d%3DAy(k434dA%3DAp9O9A9y(k434qA%3DAy(k434bA%3DAy(k434bd%3DAp6AqAZy(k434.A%3DAy(k434.d%3DAy(k434zA%3DAy(k434zd%3DAy(k434zz%3DAyG1k%3DZy&U)V=A&G8=A&GURTf=Z&1tfRt=OZz&1Gt=O6b66A&_))!(=JHT(-fHF(%20irU)HGU(f&FkT=qd9ZO&Ltg4f=Z&1H(=W6HsWs66MW&_H)4f(=Z&_H)1Gt=DZAO&kHtrFHGU=)P7DaQk!DQDuJaB69DEETkVJ~b8k)_nqEqV240O_ozOci*FJmJh0h8%3D%3D&L4!4=Z&GgGt=Z&HtV=ltVHUk(%20JGF4!(&4MGt=4AZdZ6Zzq6dO)9A9OZA96999A&gg!t=%7B%22ggG4%22%3A%229AAZ%3AAtTZ%3AA.AA%3AAAAA%3AAAAA%3AAAAA%3AAAAA%3AAAAA%22%2C%22ggkk%22%3A%22J*%22%2C%22gggk%22%3A%22AZ%22%2C%22ggk)L%22%3A%22gGUMH4rf(%22%7D&a)F!gfk=Z&)kT3kF4=Z&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL26IV2&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.96.30 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-96-30.deploy.static.akamaitechnologies.com

Software

Resource Hash

e1fa69a8afb7f6d1d8d76c88b4c0cc7a62b0625dcac3464308363835d066b656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 30136
content-type: text/html
date: Tue, 24 Oct 2023 22:20:22 GMT
expires: Tue, 24 Oct 2023 22:20:22 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 21-chmk

GET
H2 200 bping.php
lg3.media.net/ Frame 7005 35 B
176 B 338ms
14ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2588&&vgd_cdv=1098&vgd_cage=0&vgd_tsce=L296&vgd_mcf=65213&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUL26IV2&crid=645513407&vi=1698186021492397884&ugd=4&lf=6&kwrf=https%3A%2F%2Fdulichkhanhhoa.net&cc=SG&lper=100&wsip=170785192&r=1698186021975&rrr=tzR-hLcl-L8rM6p2HZLRnFyKb977CLZ-QDUb75CkhGE%3D&requrl=https%3A%2F%2Fdulichkhanhhoa.net%2F&vgde_bdata=~G-MjJzvufHf~GwEv9~G8Ov9.9f9~G-M1zNJQ7mLvAoA*XoA*uWoA*f9oA~G-M1Qzv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvAf9-HW9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vbVIZK0aD4~NUMkjvf~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOufvA~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvuX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfvu~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9H9~OYYMYuv9.9HF~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.XAf~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iih~OYYMYuFv9.uuh~OYYMYfv9.9hX~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.XiA~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAXvf.999~OYYMYAFvf.999~OYYMYAivH.999~OYYMYH9vH.999~OYYMYXvu.999~OYYMYXuvf.999~OYYMYXfv9.f99~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhv9.AAH~OYYMYhAvf.999~OYYMYhHvf.999~OYYMYivu.999~OYYMLv9.uuh~JMLEYv9.9HF~JLEYv9.9HF~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvbZ~LM8Evf99uo9Okuo9W99o9999o9999o9999o9999o9999~LMQNv9u~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvuXuW9XWWAh~Q7OvuXuW9XWWAh~eGLv9~NGOEv9.9uu~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvuXuW9XWWAh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.f~EmQvu~1NM75EJvu~1OGjUvuXuW9XWWAh~1YEvu~myG8Ov9.9f9~GkjLv9.9u9~Qx8Ov%3DK4b4alD%20JZW4Z_V7QDOzJTGb73~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjvu~QmGEv~-8OvKrtoExGoHWiHhfXhii99fFFH~w7Yjvu~ONx7vHX~OmyGv9ou~JNEMxQJOvGJjmBM%20X9~JNEMEfXv9~JNEMEX9v9.fAf9f~JNEMEF9v9~JNEMEh9v9~JNEMEhXv9.H9F9u~JNEMEW9v9~JNEMEWXv9~JNEMEi9v9~JNEMEiXv9~JNEMEiiv9~8GNvu~&ssld=%7B%22QQ8E%22%3A%22f99u%3A9Oku%3A9W99%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22bZ%22%2C%22QQQN%22%3A%229u%22%2C%22QQN75%22%3A%22Q8zy1EmLJ%22%7D&vgd_bid=347440&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=59253&vgd_rakh=1698186021128294498&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU44R37O&vgd_hb_audit_2=737148867&vgd_pgid=p01514196453t202310242220&vgd_pgids=1&vgd_uspa=0&hvsid=00001698186021972035102809428297&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-252-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Tue, 24 Oct 2023 22:20:22 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 512A 26 KB
10 KB 33ms
33ms Document
text/html 184.51.96.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU44R37O&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.96.30 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-96-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3e2b2e38bc3cc5049cf9adc094ab2a562bc3999bf1b92d2a27885cfefcb17254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9538
content-type: text/html; charset=UTF-8
date: Tue, 24 Oct 2023 22:20:22 GMT
expires: Thu, 26 Oct 2023 22:20:22 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 7005 35 B
191 B 315ms
34ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=5986&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=SG&cid=8CU44R37O&reqid=DmMQebZj-_DFlk6BlUeOuw&vid=DmMQebZj-_DFlk6BlUeOuw&dn=dulichkhanhhoa.net&rawDn=dulichkhanhhoa.net&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fdulichkhanhhoa.net&cliIPV6=2001%3A0df1%3A0800%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=01&ct=singapore&zip=228211&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-7f7b5c9667-k6ddq.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&surl=https%3A%2F%2Fdulichkhanhhoa.net&sckfl=1&suid=CAESEOzRqeG8EGTItsRdneLbStY&sckfl2=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=false&gqid=AD8Fdm7-6XhWnoBUm86jQt9xS3iB82c7ItyfLUDz3euBBGVNLTMKQ-OCMWCcEV0UYdBa7zc5&pexid=ADX-pub-4894725799002664&geoll=true&is_ortb=false&s_ip=172.217.47.13&s_city=singapore&commit_id=c2128e38&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-10-24+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=SG&ipcc=SG&is_msnnative_src=false&rtttime=41&req_tid_present=false&pvid=319&prvAccId=645513407&prvApiId=8CUL26IV2&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=737148867&prspt=headerBid&prvReqId=6205925895831_261860785_73714886713191&size=320x480&chnl=HARMONY&bdp=0.020&bid_uuid=d19df14e845995a7553718b24fddb610&cbdp=0.011&og_cbdp=0.020&ogbdp=0.02&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Frelated.advancesimple.com&dfpBd=0.011&dsrc=-2&dp=0&dbf=1&epc=645513407&s=1&snm=SUCCESS&pcrid=8CUL26IV2-645513407-43-18&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=20&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=319&brsrclk=0&bidrestime=1698186021722&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300320048000039800&strg=HARMONY&vls=0&scrid=1700080807683300320048000039800&mang=1&pvdTmax=251&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_page_url=https%3A%2F%2Fdulichkhanhhoa.net&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CUL26IV2&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CU44R37O&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=6&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=250x250%7C300x250%7C300x600%7C320x480%7C336x280%7C970x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_UCC=1&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=b8aecf0826&mx_exp_tokens%3C%3E=launchexp%3Atoken1%23%23launch-wrng-exp%3Atoken1%23%23Mcid%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=0398af526f10b3f03dd5e9fe6c30e68d&rtime=17.0&wsip=mowx-istio-69ccf57444-h6768&ltime=27.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=1518058837&impId=1&reftime=0&reftype=0&psrc=fail&insl=1&mowxReqId=0398af526f10b3f03dd5e9fe6c30e68d_1&policy_enf=2&pub_blk_enf=1&req_size=320x480%7C300x250%7C250x250%7C336x280%7C970x250%7C300x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=DmMQebZj-_DFlk6BlUeOuw&supplyTagId=1518058837&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-10-24+22%3A20%3A21&__expireat=1698186621982&mview=1&lo_pvid=%5B319%5D&lo_dp=0&lo_bdp=0.020&lo_cbdp=0.011&actltime=28&rme=adm&bdata=~bx_len%3D1242~bhp%3D0~bid%3D0.020~bx_ancestor%3D3-3*5-3*18-3*20-3~bx_asn%3D0~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010001~bx_size%3D320x480~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DSINGAPORE~ck_fl%3D2~dc%3Dgcp-apac-se1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d12%3D3~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D15~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D1~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_l%3D0.040~dmm_m1%3D0.046~dmm_m10%3D1.000~dmm_m11%3D1.000~dmm_m12%3D0.532~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.997~dmm_m16%3D0.117~dmm_m2%3D0.075~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.593~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m34%3D1.000~dmm_m35%3D2.000~dmm_m36%3D2.000~dmm_m39%3D4.000~dmm_m40%3D4.000~dmm_m5%3D1.000~dmm_m51%3D2.000~dmm_m52%3D0.200~dmm_m53%3D0.500~dmm_m54%3D5.000~dmm_m55%3D0.500~dmm_m57%3D1.000~dmm_m59%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.334~dmm_m73%3D2.000~dmm_m74%3D2.000~dmm_m9%3D1.000~dmm_r%3D0.117~e_rpm%3D0.046~erpm%3D0.046~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_cc%3DSG~r_ip%3D2001-0df1-0800-0000-0000-0000-0000-0000~r_sc%3D01~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3D1518058837~std%3D1518058837~vbr%3D0~cbdp%3D0.011%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D1518058837%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.2%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1518058837%7Eamp%3D1%7Eogbid%3D0.020%7Ebflr%3D0.010%7Esuid%3DCAESEOzRqeG8EGTItsRdneLbStY%7Edtc%3Dapac_sg%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Einsl%3D1%7Esobp%3D%7Exid%3DADX-pub-4894725799002664%7Ehtml%3D1%7Edcut%3D45%7Edogb%3D0-1%7Eecp_used%3Dbelow_q50%7Eecp_p25%3D0%7Eecp_p50%3D0.23202%7Eecp_p60%3D0%7Eecp_p70%3D0%7Eecp_p75%3D0.40601%7Eecp_p80%3D0%7Eecp_p85%3D0%7Eecp_p90%3D0%7Eecp_p95%3D0%7Eecp_p99%3D0~ibc%3D1~&utime=257&sf=0&cpr=0.6442305108826203

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-252-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H3 200 container.html Show response
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 30DF 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Wed, 23 Oct 2024 22:20:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EE87 645 B
254 B 36ms
35ms Document
text/html 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjOnanyATAB&v=APEucNWxv836cb-apR6ehNzvn8WG5ZJFYf153mhXxc4zPpoYS3Cb-Lc6JW4noqbBVYhMBl4mTqlG31gtVXSc9ng8U6DJYGggay-_VdCI84m-J-6l7QrdChs

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 30DF 89 KB
31 KB 40ms
40ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30DF 42 B
63 B 33ms
31ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCllBpJvFd11Y1ewueID41RE6mfIqllcm4NEaH4gTPnX2zKShd417_MKthKpBy0b6ZCOlRNO_njp9LAEdkXY7DdZ943AYu8WIas-_w7DuPtkLch2w

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30DF 0
20 B 35ms
32ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6812039362943979196&x=1&ct=76

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 30DF 3 KB
1 KB 17ms
14ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 30DF 20 KB
8 KB 17ms
15ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 30DF 0
0 174ms
172ms Image
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2SLLOgsv1ULYYncqLhFB3SueC0dU-wqCnZq6AePygnYvicRJ0NNptNEH1UpEAyRH2oatv3lnDoVGqHBtIuoMhY4XE_g
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30DF 187 KB
59 KB 35ms
33ms Script
text/javascript 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H2

200

cksync
cs.media.net/ Frame 512A
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQxMTg3NjIyODA5NDI4NzAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESED4JeVrmOXHieL-1ntHbrs0&google_cver=1

53 B
444 B

181ms
52ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESED4JeVrmOXHieL-1ntHbrs0&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU44R37O&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Tue, 24 Oct 2023 22:20:22 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESED4JeVrmOXHieL-1ntHbrs0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame EE87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1&gdpr=0&C=1

43 B
337 B

20ms
20ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjOnanyATAB&v=APEucNWxv836cb-apR6ehNzvn8WG5ZJFYf153mhXxc4zPpoYS3Cb-Lc6JW4noqbBVYhMBl4mTqlG31gtVXSc9ng8U6DJYGggay-_VdCI84m-J-6l7QrdChs
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILbHTgXItBQjw%2BOBBZoviqDDUq%2Fmm3Rcd2dfJIiS6CsQ4J1j2jSVJ6L3zxvNxTFQnt9sKLOT89IAeDncdVQ1P0VfvLomHzdybxuRGwksw6p4Aw3Nmhgu54v49sYd%2FAZJxrgrt8E9RkZBcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b4e8d9f9e29-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1DKgxKuXchpaUpUqBc2G5Hc%2FJJ4DzpcsmBOwPhNBiM0B%2BWDbpLQrspOU0ja%2FbsR5my35s%2Bt934ds0NMCcWm4l%2FkF1t%2BDG1ZIACLAIfbCWBJTQGim3H0K0%2BBo28QyBptKqXcK%2BIcYlgXSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1&gdpr=0&C=1
cache-control: no-cache
cf-ray: 81b59b4e7d8b9e29-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EE87
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJhxz-VG8T782zZgTtQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1

43 B
772 B

20ms
20ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjOnanyATAB&v=APEucNWxv836cb-apR6ehNzvn8WG5ZJFYf153mhXxc4zPpoYS3Cb-Lc6JW4noqbBVYhMBl4mTqlG31gtVXSc9ng8U6DJYGggay-_VdCI84m-J-6l7QrdChs
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFzXJJLEBnBumU8f476KP9HW%2FxrbWCIkjOa1NcFyw3q3v%2BYBvZu2DsQLWBqLo%2FVv8o6gOTB631oqjjJMOC4oVfjAQnxQg4JZVA%2BpyyTh73dv%2BAOq4Mt8muwBkoBjNZ2Uipuh6wtlkthq8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b4ecc745fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkvKNfCN_ZqYwOLJFTlrvc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame EE87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEERz4yFfGlJgro727dbK6n8&google_cver=1

43 B
839 B

4ms
3ms

Image
image/gif

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEERz4yFfGlJgro727dbK6n8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjOnanyATAB&v=APEucNWxv836cb-apR6ehNzvn8WG5ZJFYf153mhXxc4zPpoYS3Cb-Lc6JW4noqbBVYhMBl4mTqlG31gtVXSc9ng8U6DJYGggay-_VdCI84m-J-6l7QrdChs

Protocol

Server

103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
an-x-request-uuid: c11ede63-5c4e-4986-a576-d38a45080393
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEERz4yFfGlJgro727dbK6n8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EE87
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

170 B
243 B

9ms
8ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Requested by

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
an-x-request-uuid: 4822510f-5068-4a58-bb7f-573125064e05
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30DF 0
20 B 9ms
9ms Ping
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4850730814780&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30DF 0
20 B 7ms
7ms Ping
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4850730814780&version=m202309260101&ct=76&x=1&cor=6812039362943980000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 30DF 97 KB
39 KB 52ms
52ms Script
text/javascript 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0--DxEC3lFIOQgM64tTPQzCcBd8hZe4MgafFMGnuu_PSmJh4WswCF5-pL0JjM7qkvMVaAZUppVTqVyfiVI8OHSRvUVi_izOEVjj3EijFO94-PByYP8_rAOj-Iqo1nX09JX-Y4IuIyUVfiFYGco2mSEuwOVDY3mEmR64lvCzzng5oTKIw&dbm_d=AKAmf-BwNqdQvHsexnh_JhYr0_0Kn0PvdG8PQj0rkzUkufgrTtkQJq-dXMdSEyhPXLOwPc90fFnyiCeoyrBz17AIemDMYZhj2rhK-JjYymsG8V0HIXaAnqgL-yHmtHP651v1zU6vNXQjzDf4jvNDFT6AovAEjNw4YZJsj9-dY7odHFLzb5bbO3K5-F1lKUCIlJkrBlLoEjVNdefY9sRqATnuUowixWBcUQ1mtCGjENhLS11TU_g1xYx5YEnS0kgVeLt_76v8wlElD758UVT65L3687QApLMO5OvRJ-GADbBNvlbryiyZqQ57NWqWSvP8sX_F3XKnsl0X-YwnuyXxqBTw1YAHG8_625DGFuBdMPGfY8jWmQJ4Sj9VjRm1nxO-fd_Npcg9JSlI73oAk7nMl7Rq0XdtDxx6TqmP7AI8MG2XM5Mv2Rk16i4QxT3LPfgHo3kU4NKZgPddjPEq0qf5LJPcseYS5WPi49krFYcPc5nkCNh_frzPxoBPQABV2hj_yFJZuwx48oI-KToh3NIttHHpnVuVKN-NVb5lUYMNrKhcCAMqV_IAACXBXivV5Lt295nbIIykuo1Z_lgSnT2wv8krHhHRqwVc1hn-gb5aNSyMfgQJGxgQ-7dPHOLnYIdH7a4DtXyIrthiKf9M3HmFVP9DNawJrbQR9xAE_rT_wN6I-W0GcBovJJkevoqIaAOZAjYrRqdaHtdPb2yfSnr-KxPpldQSaJp_TlE9eV4QwzwqgB9XI1EcCJx8Yv0vYQYFYUvyC1NA6qWlcXOUyT35FwCvil6et7sco2w2tPE6TbmrIIwS2Lx_M2_nYV0pRtPeS0mcvO3QpdAcCH4gU8LSlZNXz5pduXwLRFVknxDff2F-Rnqr1AEhQwid9Vue8zkuEw8MvKVfkPQ6PgXpBOjf1Dwk8-0XE-wLKn9P10ki2f0ujvEIYwjNHA0G4gXe7chypDnPLYJdzatKExHB2JwEBGwQ7_5OQe3B73xfC8pfSWmiujJS8akwvUPyOSMkFu3dcD4A8V47GIoshgCvt0y9PmaM7dtYw0g4OqLXHeA8P72AIP6ZSl0Sv2jd83lJnVp_ESU4KW3OOsSUvHZM72YV8ENainZPtnzCN4yOmnV_IzeanasBBKrxe05NPQUqzsGmIEGX_xuUXj2Xs1MijbvhgHA9ZwmHOV13Y_mgRkcmz_Fvfo7uFxFZNxGvOS0DNtApDy31ENKG8yzEu049D3-MY3ykhtBtNhx6K1vngR1Gg2cb_ZQ10EG52F-AGMF8yNM5PfX3pJEoJvvqthXA47pe2s4TjZFaiFiqYPijbnSMUfaysvpJV19dZE7KezOZnieP1zC2kLyCm9MvOiLtvZMKUOlK8lpMnLKwpVgsEgAuSNjQ1Ab3biERcx2XgLwYme-aoRyRdoAkKKNqrCh6BOqQWcmy4pmW-k79suw2SRoeCBhsY-T7dASy-Ui9CtG7MaiLONzslUp0VH6Jilw1hGikBE2ZNx7TZwhsRACMg-c_MN7EECzcRLdFa7IXNf9ujwzZMyVLhT-Umx5RwBGurV3xvWZ33uEQ0dmkeEbU4xIoJZNkwgc-TSqteCRXocZGYoBAHEKE1grAyOE58oR-J3KxXFdDt0ugnsniyf2z_6nmlBR-qIVLkjkqAQWFcSOJDJlMGfpGdCZQG9V131HukTVt4o2OjyZhJko51iTQ5rc-QoLFxIq5sc35ZhyClwunAuOR5qS8AWpAy9L7Fjv7vntuDlGmJjOk9nXIDkKZYvZvgcKbXvaNIJAxOUSRQiP5XRHbfDxtE8Yp4uH4biZQlYOnHObHjagZ5F-c-P6OE9b1_rDwMeUmG12EQB3MI2vJF24nNY8CrXqkKKIbmNQmlsNvYcNM6admnHXuSY4wJWpB2JQ5ml_0-g2bLwGsqLsm1UGN6tAHFwwpapn8EmpeqsTfGHNSTJtwnJB4mC3gql7MrwkJjsvJ_lAVffe-Sss2za3UR-7T5iEYMGXI4dMaX0z2qcF43TJIE4IXB2kID5imY1s9OYCybjYhvIXg6YxgOPABdg60Fu-JwUQhbgCsH72nKs5i2E8DeiJ0Tsb6SuJi_bVP7-8EkQWKqdyn4usykhDFd-DM2jpnN5-AxwkUb0lW258omNmnODoQifg1GRKIPdPxwZ6W7Ueg2AZjx35QwJUyE-He26RmmitHLgvtz65eN5mRv-EZSUL4lA8d7P4jRzPeQyLY-R0s_w0EoOp_gFICiGenbMHJn8J4s7qv21HF7vZuhJqeM5GVo4rE1t0EMTJpbBK_fOKIOR9XArViUL2fg4LOWaXQJo5qkBCTgjv5CJQEsQs5CLbHrWnVozo-r92ug_xIFiZgO2j4coP654uWxII_Tg5-sPeOMpYqp_0llOR3zjxKTu8Ye9RruY9btL4BGAfoxCMpP50DA6hzfNyVCENF6Fg3iiVPSqQ83bmjZ_brWD_aQI2nF55TmZOFeEnhwQr52oMasFNHBRZzx7OTz58It6TOHa73N_Kehrjf04U-S0a3PuR2Xja1yiFm-L2mvMsx4d7cbSEdIrwTRXBy3vzUNgyVo6vJxhE71Qg8PgDE3wAJCqI9-AYLuNmD0kNQ_HPbSo_jro0lSSf-vGGGupstshjvs4c9MJDooAzwSoBcB1Ccpcdv-MLCVUCc8D65YZGAznbECQYml4Zv9mXqpRSl2_QPL5llhQOtO8hTnub2nJMqtSX039IT2ANx1aCeIdrXdQkUJ047g8EiJpchbTPbF2rkZb_0VSU5cFG0iWsJF9kcBtaKHaEW34xdZo6H2aimWxOzQ_nFBuv34NqxBrJNjvKE1Y4mtEf6Zky6brbKghdoSxjD7bRy-i7nne12GicCw9WA-x28PFJ0DohobT0gi2_3kZ5Nndo6u4p6YjrPaNv_1VPWYxBaGsFjMiByqfY9DzffY98zr0vGc9ZzY_pF6VNS1JC2NnakITtx8WvTHZ5uVUgqljVDRmaV5rZUjwxH-muKeqamOuJgrz3TXCNc6mWvzQtVKvzDUQO7SmnU9T87ycUcSoq2uqAiE7oLdw9sYpbwkAs2gXFsg089ZxQ9oSgVk4AmVf3Y3sfvFMu3E_D5ZJiUMk6ejNjA_Tz5czgTlKjTxe6sQQX7wVfA9thkPduv2AdQVpT_8_bYcnRO_4XrGSRlkINbhJEIFax_wKPfEU8PbH8h9R3N4F8d325UX50ynTgWUKRfev82xMocfX2TMXYb7H7LlnDMyqrOW30c-hvm7vSQC2DYCc1WHsSWrxdt14v1_Rc9eedsI9qawkvA2qkn6jK0DBa2rMQTLA5_jzYG8MyFKxVN9QthOg0nUNPy3F-CvKCJGX-rJnCIftPwsovFDDIeKoAIwkKHbvHYnCPqyLpfRuvFI6QP0vLUXIZnV1r-Ae9yzvt3MG_lyat2XSZ6oUgETwx4LSMq2cpZLOipg6cfghosRCQxXwu_KNhsEU2Fx5K3b0Kn3E1xyjlkfXaM8uBlp0lwMd_zWOv9LPwbEehBNY3cZeG6iGW5fuBwqJB_e8izIJqfQVIrOY-hx4g_9g&cid=CAQSOwDICaaNmLUhtq4uQUb6Gu_ZBwbwUFmeURhCos-NtjoF5b8kHcMmIEFJDwFexe-zuS0ccpgrCvRZ0xfRGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdulichkhanhhoa.net%2F&ds=l&xdt=1&iif=1&cor=6812039362943980000&adk=3944675600&idt=44&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29aa29fd8bfc55fc437df429d8dacdd6010dc1adfd1ba7ed5472bd7dca880471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 30DF 172 KB
61 KB 32ms
6ms Script
text/javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Origin: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 11:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 11:51:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 30DF 11 KB
4 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0--DxEC3lFIOQgM64tTPQzCcBd8hZe4MgafFMGnuu_PSmJh4WswCF5-pL0JjM7qkvMVaAZUppVTqVyfiVI8OHSRvUVi_izOEVjj3EijFO94-PByYP8_rAOj-Iqo1nX09JX-Y4IuIyUVfiFYGco2mSEuwOVDY3mEmR64lvCzzng5oTKIw&dbm_d=AKAmf-BwNqdQvHsexnh_JhYr0_0Kn0PvdG8PQj0rkzUkufgrTtkQJq-dXMdSEyhPXLOwPc90fFnyiCeoyrBz17AIemDMYZhj2rhK-JjYymsG8V0HIXaAnqgL-yHmtHP651v1zU6vNXQjzDf4jvNDFT6AovAEjNw4YZJsj9-dY7odHFLzb5bbO3K5-F1lKUCIlJkrBlLoEjVNdefY9sRqATnuUowixWBcUQ1mtCGjENhLS11TU_g1xYx5YEnS0kgVeLt_76v8wlElD758UVT65L3687QApLMO5OvRJ-GADbBNvlbryiyZqQ57NWqWSvP8sX_F3XKnsl0X-YwnuyXxqBTw1YAHG8_625DGFuBdMPGfY8jWmQJ4Sj9VjRm1nxO-fd_Npcg9JSlI73oAk7nMl7Rq0XdtDxx6TqmP7AI8MG2XM5Mv2Rk16i4QxT3LPfgHo3kU4NKZgPddjPEq0qf5LJPcseYS5WPi49krFYcPc5nkCNh_frzPxoBPQABV2hj_yFJZuwx48oI-KToh3NIttHHpnVuVKN-NVb5lUYMNrKhcCAMqV_IAACXBXivV5Lt295nbIIykuo1Z_lgSnT2wv8krHhHRqwVc1hn-gb5aNSyMfgQJGxgQ-7dPHOLnYIdH7a4DtXyIrthiKf9M3HmFVP9DNawJrbQR9xAE_rT_wN6I-W0GcBovJJkevoqIaAOZAjYrRqdaHtdPb2yfSnr-KxPpldQSaJp_TlE9eV4QwzwqgB9XI1EcCJx8Yv0vYQYFYUvyC1NA6qWlcXOUyT35FwCvil6et7sco2w2tPE6TbmrIIwS2Lx_M2_nYV0pRtPeS0mcvO3QpdAcCH4gU8LSlZNXz5pduXwLRFVknxDff2F-Rnqr1AEhQwid9Vue8zkuEw8MvKVfkPQ6PgXpBOjf1Dwk8-0XE-wLKn9P10ki2f0ujvEIYwjNHA0G4gXe7chypDnPLYJdzatKExHB2JwEBGwQ7_5OQe3B73xfC8pfSWmiujJS8akwvUPyOSMkFu3dcD4A8V47GIoshgCvt0y9PmaM7dtYw0g4OqLXHeA8P72AIP6ZSl0Sv2jd83lJnVp_ESU4KW3OOsSUvHZM72YV8ENainZPtnzCN4yOmnV_IzeanasBBKrxe05NPQUqzsGmIEGX_xuUXj2Xs1MijbvhgHA9ZwmHOV13Y_mgRkcmz_Fvfo7uFxFZNxGvOS0DNtApDy31ENKG8yzEu049D3-MY3ykhtBtNhx6K1vngR1Gg2cb_ZQ10EG52F-AGMF8yNM5PfX3pJEoJvvqthXA47pe2s4TjZFaiFiqYPijbnSMUfaysvpJV19dZE7KezOZnieP1zC2kLyCm9MvOiLtvZMKUOlK8lpMnLKwpVgsEgAuSNjQ1Ab3biERcx2XgLwYme-aoRyRdoAkKKNqrCh6BOqQWcmy4pmW-k79suw2SRoeCBhsY-T7dASy-Ui9CtG7MaiLONzslUp0VH6Jilw1hGikBE2ZNx7TZwhsRACMg-c_MN7EECzcRLdFa7IXNf9ujwzZMyVLhT-Umx5RwBGurV3xvWZ33uEQ0dmkeEbU4xIoJZNkwgc-TSqteCRXocZGYoBAHEKE1grAyOE58oR-J3KxXFdDt0ugnsniyf2z_6nmlBR-qIVLkjkqAQWFcSOJDJlMGfpGdCZQG9V131HukTVt4o2OjyZhJko51iTQ5rc-QoLFxIq5sc35ZhyClwunAuOR5qS8AWpAy9L7Fjv7vntuDlGmJjOk9nXIDkKZYvZvgcKbXvaNIJAxOUSRQiP5XRHbfDxtE8Yp4uH4biZQlYOnHObHjagZ5F-c-P6OE9b1_rDwMeUmG12EQB3MI2vJF24nNY8CrXqkKKIbmNQmlsNvYcNM6admnHXuSY4wJWpB2JQ5ml_0-g2bLwGsqLsm1UGN6tAHFwwpapn8EmpeqsTfGHNSTJtwnJB4mC3gql7MrwkJjsvJ_lAVffe-Sss2za3UR-7T5iEYMGXI4dMaX0z2qcF43TJIE4IXB2kID5imY1s9OYCybjYhvIXg6YxgOPABdg60Fu-JwUQhbgCsH72nKs5i2E8DeiJ0Tsb6SuJi_bVP7-8EkQWKqdyn4usykhDFd-DM2jpnN5-AxwkUb0lW258omNmnODoQifg1GRKIPdPxwZ6W7Ueg2AZjx35QwJUyE-He26RmmitHLgvtz65eN5mRv-EZSUL4lA8d7P4jRzPeQyLY-R0s_w0EoOp_gFICiGenbMHJn8J4s7qv21HF7vZuhJqeM5GVo4rE1t0EMTJpbBK_fOKIOR9XArViUL2fg4LOWaXQJo5qkBCTgjv5CJQEsQs5CLbHrWnVozo-r92ug_xIFiZgO2j4coP654uWxII_Tg5-sPeOMpYqp_0llOR3zjxKTu8Ye9RruY9btL4BGAfoxCMpP50DA6hzfNyVCENF6Fg3iiVPSqQ83bmjZ_brWD_aQI2nF55TmZOFeEnhwQr52oMasFNHBRZzx7OTz58It6TOHa73N_Kehrjf04U-S0a3PuR2Xja1yiFm-L2mvMsx4d7cbSEdIrwTRXBy3vzUNgyVo6vJxhE71Qg8PgDE3wAJCqI9-AYLuNmD0kNQ_HPbSo_jro0lSSf-vGGGupstshjvs4c9MJDooAzwSoBcB1Ccpcdv-MLCVUCc8D65YZGAznbECQYml4Zv9mXqpRSl2_QPL5llhQOtO8hTnub2nJMqtSX039IT2ANx1aCeIdrXdQkUJ047g8EiJpchbTPbF2rkZb_0VSU5cFG0iWsJF9kcBtaKHaEW34xdZo6H2aimWxOzQ_nFBuv34NqxBrJNjvKE1Y4mtEf6Zky6brbKghdoSxjD7bRy-i7nne12GicCw9WA-x28PFJ0DohobT0gi2_3kZ5Nndo6u4p6YjrPaNv_1VPWYxBaGsFjMiByqfY9DzffY98zr0vGc9ZzY_pF6VNS1JC2NnakITtx8WvTHZ5uVUgqljVDRmaV5rZUjwxH-muKeqamOuJgrz3TXCNc6mWvzQtVKvzDUQO7SmnU9T87ycUcSoq2uqAiE7oLdw9sYpbwkAs2gXFsg089ZxQ9oSgVk4AmVf3Y3sfvFMu3E_D5ZJiUMk6ejNjA_Tz5czgTlKjTxe6sQQX7wVfA9thkPduv2AdQVpT_8_bYcnRO_4XrGSRlkINbhJEIFax_wKPfEU8PbH8h9R3N4F8d325UX50ynTgWUKRfev82xMocfX2TMXYb7H7LlnDMyqrOW30c-hvm7vSQC2DYCc1WHsSWrxdt14v1_Rc9eedsI9qawkvA2qkn6jK0DBa2rMQTLA5_jzYG8MyFKxVN9QthOg0nUNPy3F-CvKCJGX-rJnCIftPwsovFDDIeKoAIwkKHbvHYnCPqyLpfRuvFI6QP0vLUXIZnV1r-Ae9yzvt3MG_lyat2XSZ6oUgETwx4LSMq2cpZLOipg6cfghosRCQxXwu_KNhsEU2Fx5K3b0Kn3E1xyjlkfXaM8uBlp0lwMd_zWOv9LPwbEehBNY3cZeG6iGW5fuBwqJB_e8izIJqfQVIrOY-hx4g_9g&cid=CAQSOwDICaaNmLUhtq4uQUb6Gu_ZBwbwUFmeURhCos-NtjoF5b8kHcMmIEFJDwFexe-zuS0ccpgrCvRZ0xfRGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdulichkhanhhoa.net%2F&ds=l&xdt=1&iif=1&cor=6812039362943980000&adk=3944675600&idt=44&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 00:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 00:15:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 30DF 30 KB
11 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 12161711247934188981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:39:48 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 30DF 41 KB
14 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 03:25:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2664 1 KB
643 B 6ms
4ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 68771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:14:11 GMT
etag: 48472445140208031
expires: Wed, 25 Oct 2023 03:14:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 30DF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00ac670d1defce326889e17d7a7abb6d748fa325c542293d1c625e01079133b4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 115C 6 KB
3 KB 6ms
5ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Wed, 23 Oct 2024 22:20:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5C35 38 KB
13 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 68089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:25:33 GMT
expires: Wed, 23 Oct 2024 03:25:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 R42IGImpressionTrackerIABTCF22m.js Show response
a.svtrd.com/media/s/1426/1/ Frame 30DF 2 KB
2 KB 37ms
5ms Script
application/javascript 13.33.88.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.svtrd.com/media/s/1426/1/R42IGImpressionTrackerIABTCF22m.js?cmadid=563753574&cmcampaignid=29964573&cmcreativeid=195909337&cmplacementid=372536456&cmrenderingid=196037064&cmsiteid=6826422&dvadvertiser=10685979&implicit=false

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.88.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-88-9.sin2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aca56701eb08f6439237b83d96f97bd260862c3a7b2a601f347ed618c9e28374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 13:34:15 GMT
x-amz-version-id: y6xQmKM0FwG.nTVexLDpnFdAwZiX7RdK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 31568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 24 Oct 2023 09:56:31 GMT
server: AmazonS3
etag: W/"dbe2f36b7bb4e9fc7f3e76d9f0a3d6a3"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: PD21kBq6QwO_eBjbzQ0t-Fk2yC6b0NVq5C8VuYdKCf7pLI35iI_PpA==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 18 KB
4 KB 17ms
7ms Document
text/html 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55459cf29f74fdff5af1f4ec8496f124835e87c45a1e0668fe9a981124bb2e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:22 GMT
expires: Wed, 23 Oct 2024 22:20:22 GMT
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30DF 0
0 39ms
20ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiRgAGt409CeM0J4gk2X_yCA-zW7fOP_HIO6ykLr_Q8kGu6UJKIQJmnd_Dh__RpV3jk3TBPiPer6cbfO7GC0zIWHeX4_-Z3fOT1yko3oenc6n3cvpcEzZe2g-FdlbsJW5SEYbKqj83obtw4CAFy2xZfkq2aeQWFmS8Tu76jyzbAaBByduzD6NoEky3xlqqf5puT7vAuj_9pODqD-ioSvFGfOEBp2XlSZjR-5ah9f5wsVbnuwIF1pxxqk1OcP3MjfNL-n1TpTsqySEheF6OHdWp7KPylHxYtA5Fd3f9YXObHKzAh2TwYd3HFo0dCZxmUWuoWyUIpYH_tRTnwSLjnMBtMNqm5uoqtTjQongLlHKMQmJN8NXvxbjI6GlIzgKaY0RQcdT-KVXhi1b5YrmrA8liQfs7ItiFCqMMQqh8ie9vibSr4WQ0Cnp7JE4tu9ouhj8h4o3fHHXdWfM1JdMgOcKG1g_z1Cy5hbL7BRWR7NjukhbL17XFxhHhoFhfarHwqO_2VJm8uHs8frKrnwVOlQTNWwrToUw4aQ40_c3n6n2Ip5z3CXBZvrnD1DF5WfuvGzqKQAHNwO5FxVduWywW-v2BAI044HmYtLmcQ5HRUKrXSv6rzk1IMaoN-W32_IzvV3oJid7ViyvsAgQkvY9p7ozRmN_N-7-ua1EGtqin8AabDdPACd8yZc1EboMQbrj4P9H41tocMZgDwXXlbHw-OfjOg4jIPdwsUBJ1VJ-aDLzOnLQ5m9TDRjNDAsmXKPObtJ6Vola0ALJhueXBZm-UBHQF6ClkKGwO40AJxKSv8GtpPjCqz5u5BUKj20eQbQtUhBdf-z6ijc1egfUs7Ck2ik0bM0aDhLUafGwry-dxD3iJk6KC3_sfqFgDfoTXqTtjNtcMWbUFB59gUy0CAolw8lNYiU1skTcqNNh-xZHhPGHmFCt3RydpbsRJbTS6JjUsp4fIUtmc1KTbZbLZhayoKqU2OqmKj7KvicQDIfw8MjpZR1Ko43MGCadq3yHKKZFuQr2I6v-EX3k2tEhF4yauzfxtirxV1b_v9xWWeJHSJjjCDasouFPNSgtekJ3bRCbfIf2bYonlzVSrM2ZizRqwzQsHFUZpieK-hb_KjCSeJ06x1khysV1V7SBUsaKbznKsLJGAtRlrgp1ReWEBNefGuPWgbE4QKfK6wdOpVqUiNvNs229T7LbNpQErVwK68lYGKZcPudVb1W7fk2L6CqSxBy7cEumTed-O2x0oJyLuCm12rwsDFwtj-1F-xulIAMy-Fgljg-2X7uTx3-EWStus1MHAlpcMMHtLNT4XRR6ng4yPlvwG1nrqzl4om2VA1uuVuiSZeXZFre9oe244q9fgrsoE8JIHuf2XlUCB-4tSdz8jcxSsbBHqPhFEvbhGFojrTv3-ITK0du0CLrDJAakko94YUg&sai=AMfl-YTxxli_LJzx-0cTeUTHSS-We6ZOCKI-vay4AIZCyDY21Lb7rYDfrVH06JKlGfwwXzVrILY6ApMBa852fCspBIgIWcBXwMrdGtQg4AfHJ01Shio-J0Qd_gQocITA4rTrtHm_I1UXucrkDui_wJzLqmZCBTFue2rcA7vlv5NQopkhX-XmDG_Y9AE7-mQrmfjDogUZeEY2D9zUl6zyzcmLtIt7OL-WNiUlU_yYVLoKH5jYGvAzLy2jVTWm3YL6ksYO5iOkeVV83ZQafUHcelyc4ejcb9KXSlg&sig=Cg0ArKJSzBufcSDeuK02EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=207&cbvp=1&cstd=197&cisv=r20231023.04114&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2664
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELtso6AJlPYROoiLWT0uiEs&google_cver=1&google_push=AXcoOmTphazwkOP7QtXmvMOjZA3NZHLQMCFFCPVBkl_pRHaxlUGZ_BC6MGwxBlNMEGLBx2zVQA_1X...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTphazwkOP7QtXmvMOjZA3NZHLQMCFFCPVBkl_pRHaxlUGZ_BC6MGwxBlNMEGLBx2zVQA_1XX875ClJPCheVtSBvyGy-UTUS1vXds2tabV9zMwrlzR3wzemsZMV2I...

170 B
188 B

10ms
8ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTphazwkOP7QtXmvMOjZA3NZHLQMCFFCPVBkl_pRHaxlUGZ_BC6MGwxBlNMEGLBx2zVQA_1XX875ClJPCheVtSBvyGy-UTUS1vXds2tabV9zMwrlzR3wzemsZMV2IzdOruyZ7dwWgo

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Oct 2023 22:20:21 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 499E0A3B1F244A98932F726918FE02B1 Ref B: SIN30EDGE0114 Ref C: 2023-10-24T22:20:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTphazwkOP7QtXmvMOjZA3NZHLQMCFFCPVBkl_pRHaxlUGZ_BC6MGwxBlNMEGLBx2zVQA_1XX875ClJPCheVtSBvyGy-UTUS1vXds2tabV9zMwrlzR3wzemsZMV2IzdOruyZ7dwWgo
x-li-source-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYIfb6i+M+I3B/cmPTrLQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2664
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESENRm2jDcCQ8zBmp5kD-a99c&google_cver=1&google_push=AXcoOmS7bql84x0AOA7aeRbaeOAeBXQe_1edeVSTenekH69estxgXzwtm6WLMg7-5SgBKg4ZhqCp4e4yP0...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmS7bql84x0AOA7aeRbaeOAeBXQe_1edeVSTenekH69estxgXzwtm6WLMg7-5SgBKg4ZhqCp4e4yP0DdzzchrlZ8YF5Epnkdtq3yqZ8yLsJoXYskflQ627vab2DWvY...

170 B
188 B

10ms
10ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmS7bql84x0AOA7aeRbaeOAeBXQe_1edeVSTenekH69estxgXzwtm6WLMg7-5SgBKg4ZhqCp4e4yP0DdzzchrlZ8YF5Epnkdtq3yqZ8yLsJoXYskflQ627vab2DWvYuIYMR-phWE3Hw&google_hm=R1p3Y3pNV1dfRXQ0Q2NIOS1uemlfaUlIcV9N&from_google=pc1

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 22:20:22 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmS7bql84x0AOA7aeRbaeOAeBXQe_1edeVSTenekH69estxgXzwtm6WLMg7-5SgBKg4ZhqCp4e4yP0DdzzchrlZ8YF5Epnkdtq3yqZ8yLsJoXYskflQ627vab2DWvYuIYMR-phWE3Hw&google_hm=R1p3Y3pNV1dfRXQ0Q2NIOS1uemlfaUlIcV9N&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2664
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESELmexr9vsBKnGQ7xd8EsTRo&google_cver=1&google_push=AXcoOmT081qxM3s3vUV_YAx39Y8x5BbgWe_Eu2xe7eUG8shg1Re7Ta7p22ZGjCvs3xHa0QxCotePU7LA4VcRaRSuzJwOmoBUbTZ-vgpb...
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzkxQTY0RjMyODdBOEE5RQ==

170 B
188 B

23ms
23ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzkxQTY0RjMyODdBOEE5RQ==

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzkxQTY0RjMyODdBOEE5RQ==
date: Tue, 24 Oct 2023 22:20:23 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2664
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN7lqAduUfehml2VqybwqIo&google_cver=1&google_push=AXcoOmQt5bX0CY8AafIcANlrGghDhi710HhHLoyZvbjDPHD7MCNVRjL6U3bSnj0gyKXVdIfCNP17vq1rpeZJTUZDrcRN...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN7lqAduUfehml2VqybwqIo&google_cver=1&google_push=AXcoOmQt5bX0CY8AafIcANlrGghDhi710HhHLoyZvbjDPHD7MCNVRjL6U3bSnj0gyKXVdIfCNP17vq1rpeZJTU...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ca6664cd-d4c8-455b-a1f7-3564e6b6f252&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQt5bX0CY8AafIcANlrGghDhi710HhHLoyZvbjDPHD7MCNVRjL6U3bSnj0gyKXVdIfCNP17vq1rpeZJTUZDrcRNx335snSfYEXnVTozjstcfa6PsTUj3h9SfiN-EhoN8V...

170 B
188 B

9ms
9ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQt5bX0CY8AafIcANlrGghDhi710HhHLoyZvbjDPHD7MCNVRjL6U3bSnj0gyKXVdIfCNP17vq1rpeZJTUZDrcRNx335snSfYEXnVTozjstcfa6PsTUj3h9SfiN-EhoN8VmzxlDXxA&google_hm=9-fQDC-yQ66IQYDLlAclBg==

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQt5bX0CY8AafIcANlrGghDhi710HhHLoyZvbjDPHD7MCNVRjL6U3bSnj0gyKXVdIfCNP17vq1rpeZJTUZDrcRNx335snSfYEXnVTozjstcfa6PsTUj3h9SfiN-EhoN8VmzxlDXxA&google_hm=9-fQDC-yQ66IQYDLlAclBg==
Date: Tue, 24 Oct 2023 22:20:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2664
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF4ST3lc0SSkZT9gtzup3wE&google_cver=1&google_push=AXcoOmR0LcfAugTbVLMzVCVq76tGfNul67MGd2dNsTfB-1jTzXBpY0elOEWbpy3rz8Kie2pOh9EWQVnua9eqVskHGe0nwaq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR0LcfAugTbVLMzVCVq76tGfNul67MGd2dNsTfB-1jTzXBpY0elOEWbpy3rz8Kie2pOh9EWQVnua9eqVskHGe0nwaqlTyfCzTb5LnPj_CldkG0f-a_msPiHgpMsUHB06...

170 B
188 B

26ms
25ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR0LcfAugTbVLMzVCVq76tGfNul67MGd2dNsTfB-1jTzXBpY0elOEWbpy3rz8Kie2pOh9EWQVnua9eqVskHGe0nwaqlTyfCzTb5LnPj_CldkG0f-a_msPiHgpMsUHB06tinXkPiXBo&google_hm=eS1SYlJ3TFdORTJwSHVKX3ZuOWVJTGQxcV9TTldwb0RxNH5B

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Oct 2023 22:20:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR0LcfAugTbVLMzVCVq76tGfNul67MGd2dNsTfB-1jTzXBpY0elOEWbpy3rz8Kie2pOh9EWQVnua9eqVskHGe0nwaqlTyfCzTb5LnPj_CldkG0f-a_msPiHgpMsUHB06tinXkPiXBo&google_hm=eS1SYlJ3TFdORTJwSHVKX3ZuOWVJTGQxcV9TTldwb0RxNH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2664
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESENd5To-aG8pns8mZrogVLSg&google_cver=1&google_push=AXcoOmTT9hbROUMimEdzJ1p1dduUJcZlCrRanQostb0yWeLaUgFfaptrjevPJ0bJAQaG0Rw9GoU97gO8KAYY5ReJT...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTT9hbROUMimEdzJ1p1dduUJcZlCrRanQostb0yWeLaUgFfaptrjevPJ0bJAQaG0Rw9GoU97gO8KAYY5ReJTiIsDq3vWl6Hq8SXI6BjtiBhEMOflTHPcPXsyIEcKhq...

170 B
188 B

9ms
8ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTT9hbROUMimEdzJ1p1dduUJcZlCrRanQostb0yWeLaUgFfaptrjevPJ0bJAQaG0Rw9GoU97gO8KAYY5ReJTiIsDq3vWl6Hq8SXI6BjtiBhEMOflTHPcPXsyIEcKhq7eZfydWlAPg&google_hm=AWaF1mJZxUlkqd8oZRCN54I

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTT9hbROUMimEdzJ1p1dduUJcZlCrRanQostb0yWeLaUgFfaptrjevPJ0bJAQaG0Rw9GoU97gO8KAYY5ReJTiIsDq3vWl6Hq8SXI6BjtiBhEMOflTHPcPXsyIEcKhq7eZfydWlAPg&google_hm=AWaF1mJZxUlkqd8oZRCN54I
Date: Tue, 24 Oct 2023 22:20:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 273
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2664
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESED4JeVrmOXHieL-1ntHbrs0&google_cver=1&google_push=AXcoOmRexuP2Bqt3bDvapAYVYOu2Oa2nRP6IdOVVptZ0V0zDJKcgerhvwUS9CAo7dPsT17YBnY48E4iqZhAMHWFGR1-2fBqLI...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&mn_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRexuP2Bqt3bDvapAYVYOu2Oa2...

170 B
188 B

15ms
14ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&mn_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRexuP2Bqt3bDvapAYVYOu2Oa2nRP6IdOVVptZ0V0zDJKcgerhvwUS9CAo7dPsT17YBnY48E4iqZhAMHWFGR1-2fBqLIDn6gb_E8rcnAhaTC7e8Nru2RHJPj06JCwwcIRZkNVdj2SI&gdpr=&gdpr_consent=

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&mn_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRexuP2Bqt3bDvapAYVYOu2Oa2nRP6IdOVVptZ0V0zDJKcgerhvwUS9CAo7dPsT17YBnY48E4iqZhAMHWFGR1-2fBqLIDn6gb_E8rcnAhaTC7e8Nru2RHJPj06JCwwcIRZkNVdj2SI&gdpr=&gdpr_consent=
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2664 0
12 B 10ms
8ms Image
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J15eY3WYdDk4BOAgS2HsEgWkatdD4BUVzAAuwYU4gRG8AEI3jRn7Y5K0ilr86Aji6lIIol

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0D87 645 B
254 B 25ms
19ms Document
text/html 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCvmuzJBBjdw4j7ATAB&v=APEucNX57RV1lcbKEi3cmw32Dargpzqx3Wmm6jeFiiOqqjGpnZPFPCh6g2Esj3qXKgd_C1BHW_Lr98fw9Pf_FP3TGoIcgxJWzpQO-5YBLApnAHPCuibeTSU

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 115C 23 KB
9 KB 11ms
9ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:33:21 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 115C 7 KB
3 KB 12ms
10ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 04:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 04:55:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 115C 0
0 24ms
23ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1vFzYze49g1JT-vF4mYjyEt6_JYshvEsO4GS9QFbzHI10yvED-hDbNW22_argZhSigaegMb0IPUT4oFlvvfMZhSqolRGortDeGwtfFwer8nvXbwVtCnVCZNp_-6CPYTf3KVIz0DCV1dk4gW8MYWZmBBKXvi94S95snKeWpucmJnxsMrjMQE1kcoj-oinEmMxbB7XUu7Pv_n6OZUC9Ye81qtY412iON1URl7sF1eia01QaL2bGXwML6s8uOpGwWZwFwgrwANWIVzVSGvnS2O33NR6B-mLqlJFyyHppiLsXa2AxcD95dwcfkU2Ds5MhsdapEb0s1k8OpcRe9uMaEhdOHi59HE1RRLvpG2__tGpv_UQ0ACCXMm8fxjNvtJKHihz58XpGoftlRKKo884PLf5hyrcN1x_BjhnTJKWsmAmzQdhHKyayYEJ_XKIoNcK7J2Y__Pcp1UoDJvArZKrQqh1BkUsYKHeQwpkOnuz3XUvq1IsEQOi4CBEq1HWjxTqLjRD0BdVlnkVx9V26o8Q7dm9kwMedBwtSaM5AliqxIGP7qKOEO_J_5cmivgYqWY9HrWgTuRI0A7Vej-AlhhXMjVt_1PL6R7ThO5_aKpf40iwe949Xwekpzd5bvLVTfjGwRWDBpi8-BnLL2vfN4YncSk9Tsg4CuM8E-S7nbaHvUYldH8SCb5Km9rXVpDQ0Cy2xzav5rso8fchzhpkfA50TCAVw1y2CXj2sTc7KgulxQ8cJ4Ch_5k7Dy9J40P5dh2tfahhzE24OJY1qPx8DjSWPW_IQ7NlGaC_eZ1EPZLcAwTY5rB79nS4eUho0szhXVGpPExf3ky1CNENrE0nYcua_Mcoo-HKnubkmWXGgi3yaDDKYwgzfKwv-pTvVrDfSGuF8gmK6EPCzCSWqffsJ8UJf1QOKrgAbYpLqtm5fwmAUZ46PJjKBPMawZ-ecOjybO-GjdYQyy-KClWLx_SK0oQByueW5Q2ss5NFQOb-vApIXm6UwoHmBnOp1spiRJ6QmUk-ms6Xnr03FNsocELC0l8zLiRT1RCDyQBptnKmaL2-84Bp3L-rUAgBhiNgCPq0AsM6NvQCCMHAN_6p6rOzL7gWSZbmSTH2xf_ycCWp_Q8ose-o-JTZyo_03H8DyVott-WD3WZ8dOfaGmomVQvwLNC4xkFizNDBjsIKawAcOML3HMfETZoxj1mctBHZcymkiiKiYICyxOqyC7Y2DQyfNgsHqUc16r6llc3snxnlCQR6u--RRmQg-54QFj59fQd-dNn9eCg&sai=AMfl-YQsxudXfZiSDhkmcM4cOtNIiBUAw28qFClQJYHl56fPGaPdHWYdfGWN4e5oLxWcrNo5Y4AaHxW3MdgdfCmdjpqp-6mWxc2iEePI1Qe3-1vbZNYnoJVUDEPswSpksuYBLVvFDE8M5X716HiHVjtkIC6q_34MdZ6BKEaDIn8Tu-NrL5wTjp1_3OTE2R9B18MVqstCopx7Dw2AN4n82cFwz_XcVnepUX-pzkpKdbMSleXd5QDE0m8mHAnKPnLnklPQzW-rRG4hj_Vb3UO8YS1kE3p2LtXVfMaprRgJQg2vAU9w5r0BkGKmEp_GTydRSwsPa61iMei_h1EHr522_Kb7svx1O6-FGYQm1AsE2rQqXUjz7l20PwvYbmqEfVbwltXGWlkLIVgDJhvqSC9HQzrJuhHQ&sig=Cg0ArKJSzLAUetywsGnNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231023.95792&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 115C 41 KB
14 KB 15ms
15ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 03:25:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 115C 3 KB
1 KB 12ms
12ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0C96 1 KB
643 B 19ms
5ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 68771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:14:11 GMT
etag: 48472445140208031
expires: Wed, 25 Oct 2023 03:14:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 115C 20 KB
8 KB 13ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 115C 42 B
63 B 18ms
7ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNirKBoyYiU_z6pC0Hu8M3CIvnHFXeI0dNYsKc7XNDKFYoGf9JL9hsS0b9DKsu4p_i0QOOiqf8Uh1DtOqtCaVblns7XuBdeFU5k2UnmOrxn1suKdU

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 115C 0
0 71ms
60ms Image
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhThhoyGYz6wDw5Ddhna9AB8l6fJNcpUjj0IMAYqnilsJ_6VmNBKnRGwMhPzF3fIm5OftsUmEukkA1fGXhvzz5aHxWgw
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 115C 187 KB
59 KB 20ms
9ms Script
text/javascript 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H3 200 2202075108086666361
s0.2mdn.net/simgad/ Frame 115C 551 KB
551 KB 18ms
7ms Image
image/gif 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2202075108086666361

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b7bd39f4b82998dda6e36a7bcbe50640c6837a5d20f95ab7caa979dbefe59fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 10:22:17 GMT
x-content-type-options: nosniff
age: 129485
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 564489
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 11:17:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Oct 2024 10:22:17 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame BC46 15 B
178 B 42ms
31ms Script
text/javascript 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6816&&vgd_canary=0&vgd_l2type=scs_newfl&fp=07ML5Tb9V1vJXC4SA4fv_0nUIg5covcBNah5SiJy3DaegcDmTUVeQUq8i5E24Cu5bcSaqn6BK153cQMx6I2dppVOj1L6o-95S3-LyTXJMbjyUWsIifX8mPaQQhYh6iRJuZNIimMbVNASpVEZgVG8tw%3D%3D&cme=PfSOPVrix-EOUpqi1bX6AtwmoW6DDvC0-nH5UrEQSzbmPAx9RqL8hau0CmYaC0k9PPRjxnKuOQt4N8HeoNna7TtTTcfzn-7Cuz8epW8y6dt5vhCaRdnbTh5I-tHVTgXqf8ZDETe9YykFkRkwDiI9L8EUkK--i3pQH4XtLFWqQNXJSUcFHWfJYTI0AfocM57s1Ab0bS7QZceUVfFC_uxRGlkbLad9tUBVPTFjVqcCf00UU4ZTK5TXMA%3D%3D%7C%7Cu8A6SM53vAe1MU7xgTo35mvrNAzAitjE%7CHZdN3z6UKeEWWvNXWyqUfHSeN0ypIGUY%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7glqpxJruDUYJqribXrY2HmGzwnZMhlgGctOiIqQ3Otg%3D%3D%7Cxrl5Md8q4--ybyhiQ3NCb0YievCsTgWdn1Ft05yejLc6KzqzCizWjA%3D%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7Cs2muSEsKIVFcONpgCs8bsoWM19dZ5Yk3pnV7kcX4amtNUeYg-4uOqNpZXfrqg82LRkOg16n0oax6T5HHTLqCaq1jomYquYYXEANZ2Gc5VRG_t1jEUur5EynLZk_o1V5T_uNilvm11LGR7xPTy7JCtozaANtyyGMHFeNqnJw6KeKek7esKlrcXEUsX7dmPbg8LYFKklsQrA6GfTN30rS5_AT553sxpdIQclldCJ2ajVKOjHj9lGLB-0mo7yiEfEJJ3hSf7jzxPkuzesC6v91nBQ%3D%3D%7C&subBdr=99&bdrid=319&ksu=224&fdkt=475&vgde_kbbh=fuoyxQBuG&kwd[]=10+Best+Creams+for+Psoriasis&kwt[]=475&kbc[]=8d6abec9fd5a9c9746fc564f16b5baa2.d2s&kwp[]=1&kid[]=351542023&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D102411%7C13%3D0.0350%7C14%3D102402%7Cokt%3D475%7Cbkt%3D475%7Cps%3D1.134%7C80%3D1.18%7C53%3D0.14%7C12%3D0.12%7C60%3D0.53%7C1%3D0.13%7C2%3D0.38&ktd[]=4503874522452224&kwd[]=10+Best+Mattresses+for+Back+Pain&kwt[]=475&kbc[]=8d6abec9fd5a9c9746fc564f16b5baa2.d2s&kwp[]=2&kid[]=351071221&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D102411%7C13%3D0.0337%7C14%3D102402%7Cokt%3D475%7Cbkt%3D475%7Cps%3D1.134%7C80%3D1.18%7C53%3D0.02%7C12%3D0.01%7C60%3D0.83%7C1%3D0.30%7C2%3D1.53&ktd[]=4503874522452224&kwd[]=10+Best+Cryptos+to+Buy+Now&kwt[]=475&kbc[]=8d6abec9fd5a9c9746fc564f16b5baa2.d2s&kwp[]=3&kid[]=353668523&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D102411%7C13%3D0.0212%7C14%3D102402%7Cokt%3D475%7Cbkt%3D475%7Cps%3D1.134%7C80%3D1.18%7C53%3D0.06%7C12%3D0.03%7C60%3D0.07%7C1%3D0.09%7C2%3D0.46&ktd[]=4504424278266112&kwd[]=10+Best+Cruises+for+Seniors+in+2023&kwt[]=475&kbc[]=8d6abec9fd5a9c9746fc564f16b5baa2.d2s&kwp[]=4&kid[]=352023736&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D102411%7C13%3D0.0246%7C14%3D102402%7Cokt%3D475%7Cbkt%3D475%7Cps%3D1.134%7C80%3D1.18%7C53%3D0.43%7C12%3D0.61%7C60%3D0.10%7C1%3D0.50%7C2%3D1.74&ktd[]=4504424278266112&kwd[]=Best+Credit+Cards+for+Bad+Credit&kwt[]=475&kbc[]=8d6abec9fd5a9c9746fc564f16b5baa2.d2s&kwp[]=5&kid[]=48827983&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D102411%7C13%3D0.0245%7C14%3D102402%7Cokt%3D475%7Cbkt%3D475%7Cps%3D1.134%7C80%3D1.18%7C53%3D0.04%7C12%3D0.35%7C60%3D0.36%7C1%3D0.35%7C2%3D0.81&ktd[]=4503874522452224&kwd[]=Top+5+High+Yield+Bond+Funds&kwt[]=475&kbc[]=8d6abec9fd5a9c9746fc564f16b5baa2.d2s&kwp[]=6&kid[]=329829026&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D102411%7C13%3D0.0249%7C14%3D102402%7Cokt%3D475%7Cbkt%3D475%7Cps%3D1.134%7C80%3D1.18%7C53%3D0.05%7C12%3D0.01%7C60%3D0.29%7C1%3D0.02%7C2%3D0.06&ktd[]=274895081728&v=1&geo=1.31%7C103.83&dlper=20&lper=100&lpid=&tsid=611&hint=&cc=SG&wsip=170762882&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQNN%22%3A%22bZ%22%2C%22QQN75%22%3A%22Q8zy1EmLJ%22%2C%22QQ8E%22%3A%22f99u%3A9Oku%3A9W99%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%229u%22%7D&cid=8CUL26IV2&vi=1698186021492397884&vsid=3411876228094241&tdAdd[]=asnum%3D59253&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L296-S296&vgd_l3_sc=01&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU44R37O&vgd_hb_audit_2=737148867&vgd_refdomain=dulichkhanhhoa.net&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=82094&vgd_nrrmf=3000c84a&vgd_nrrsf=scrr&vgd_cty=singapore&vgd_ifrmode=14&sttm=1698186021972&upk=1698186022.637&hvsid=00001698186021972035102809428297&verid=3111299&sbdrId=99&tsrc=entity&vgd_l1rakh=1698186021128294498&vgd_ecrid=1700080807683300320048000039800&vgd_isiolc=1&kbbq=%26asn%3D59253&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=65213&vgd_vstrid=3411876228094241&vgde_bdata=~G-MjJzvufHf~GwEv9~G8Ov9.9f9~G-M1zNJQ7mLvAoA*XoA*uWoA*f9oA~G-M1Qzv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvAf9-HW9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vbVIZK0aD4~NUMkjvf~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOufvA~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvuX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfvu~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9H9~OYYMYuv9.9HF~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.XAf~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iih~OYYMYuFv9.uuh~OYYMYfv9.9hX~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.XiA~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAXvf.999~OYYMYAFvf.999~OYYMYAivH.999~OYYMYH9vH.999~OYYMYXvu.999~OYYMYXuvf.999~OYYMYXfv9.f99~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhv9.AAH~OYYMYhAvf.999~OYYMYhHvf.999~OYYMYivu.999~OYYMLv9.uuh~JMLEYv9.9HF~JLEYv9.9HF~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvbZ~LM8Evf99uo9Okuo9W99o9999o9999o9999o9999o9999~LMQNv9u~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvuXuW9XWWAh~Q7OvuXuW9XWWAh~eGLv9~NGOEv9.9uu~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvuXuW9XWWAh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.f~EmQvu~1NM75EJvu~1OGjUvuXuW9XWWAh~1YEvu~myG8Ov9.9f9~GkjLv9.9u9~Qx8Ov%3DK4b4alD%20JZW4Z_V7QDOzJTGb73~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjvu~QmGEv~-8OvKrtoExGoHWiHhfXhii99fFFH~w7Yjvu~ONx7vHX~OmyGv9ou~JNEMxQJOvGJjmBM%20X9~JNEMEfXv9~JNEMEX9v9.fAf9f~JNEMEF9v9~JNEMEh9v9~JNEMEhXv9.H9F9u~JNEMEW9v9~JNEMEWXv9~JNEMEi9v9~JNEMEiXv9~JNEMEiiv9~8GNvu~&vgd_bhv_kbb=-1&vgd_cfud=230323&vgd_scsver=224&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1098&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_l1rhst=contextual.media.net&hvsid=00001698186021972035102809428297&rc=0&rand=1698186022387&acid=0398af526f10b3f03dd5e9fe6c30e68d&matm=1698186022387&vgd_ltimesrc=1&vgd_ltime=571&vgd_rtime=512&vgd_etm=7&vgd_l1hcsd=S5h9m%7C7084&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=1263&vgd_pgid=p01514196453t202310242220&vgd_csip=rtb-common-7f7b5c9667-k6ddq.SG&vgd_sbSup=1&vgd_nrrs=82094&vgd_cntrdt=SL%7CDIV-creative%7CDIV-card&vgd_crefurl=https%3A%2F%2Fdulichkhanhhoa.net%2F&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2881&&kkdd=*W%7CH%7Cn9*A&VG=Zqz.Z.qA9Z6z9Ozb..6&Mt4f=A&Fg4H=A&ktV=ZAz.&)gk(=Q9zq&kGt=.i5Q9qRC9&k4kt=Aq26zrjG*m7RU*Z8OcLdFl%3D%3D&kfGt=q6ddZO6Ab&gGP(=O9Ao6.A&kk=J*&kaUF=ul7nKB0&4Gt=.XKmqh.C6&)4Gt=YZ~Oqq.&a))4g=Z&fff=)P7DaQk!DQ.fnq49uxQ7U-Lj1zbbiQxD2c51bdi_a*~%3D&_8fT=a))4g%3A%2F%2FtE!Gka_aHUaarHpU()&(_8fT=8bb~2%3AJJKoI.B858ZP88FZpPmb&Ug(=d&!8=Z&EMt=6&Ht)Z=.i5667ObK&Ht)9=bObZ6..qb&1tH)H=y1o3!(U%3DZ969y1a4%3DAy1Gt%3DApA9Ay1o3HUk(g)rf%3DODOSdDOSZ.DOS9ADOy1o3HgU%3DAy1o3(o4%3DAy1o3MGUgE%3DAy1o3GU)Ft%3DAy1o3fa%3D6bc~24I.uWy1o3f4k%3DAAZAAAZy1o3gGP(%3DO9Ao6.Ay1o3)FHo%3D9dAy1o3)F!3gETTGo%3D%2FykG)L%3DJRB*lXK7~yk_3T!%3D9ytk%3DMk4DH4HkDg(ZD1ytFF3tZ%3DAytFF3tZA%3DAytFF3tZ9%3DOytFF3tZ6%3DAytFF3tZd%3DZytFF3tZq%3DOytFF3tZb%3DZytFF3tZ.%3DZdytFF3tZz%3DZAAAytFF3t9%3DYytFF3t9Z%3DDZytFF3t99%3DApAOytFF3t96%3DdytFF3t9d%3Dt(T3t(TytFF3t9.%3DdytFF3t9z%3DApAAytFF3tO%3DAytFF3tOA%3DAytFF3tO9%3DZytFF3tOO%3DAytFF3tOq%3DBlytFF3tOb%3DYytFF3t6%3DZAytFF3t6A%3DAytFF3t69%3DAytFF3t6O%3DAytFF3t66%3D4frtytFF3t6d%3DAytFF3t6q%3D7ytFF3tdZ%3DAytFF3td9%3DApAAytFF3tdq%3DAytFF3tb%3DAytFF3t.%3DAytFF3!%3DApA6AytFF3FZ%3DApA6qytFF3FZA%3DZpAAAytFF3FZZ%3DZpAAAytFF3FZ9%3DApdO9ytFF3FZO%3DZpAAAytFF3FZ6%3DZpAAAytFF3FZd%3DApzzbytFF3FZq%3DApZZbytFF3F9%3DApAbdytFF3F9Z%3DZpAAAytFF3F9O%3DZpAAAytFF3F96%3DZpdzOytFF3F9d%3DZpAAAytFF3F9z%3DZpAAAytFF3FO%3DZpAAAytFF3FOA%3DZpAAAytFF3FO9%3DApAZAytFF3FO6%3DZpAAAytFF3FOd%3D9pAAAytFF3FOq%3D9pAAAytFF3FOz%3D6pAAAytFF3F6A%3D6pAAAytFF3Fd%3DZpAAAytFF3FdZ%3D9pAAAytFF3Fd9%3DAp9AAytFF3FdO%3DApdAAytFF3Fd6%3DdpAAAytFF3Fdd%3DApdAAytFF3Fdb%3DZpAAAytFF3Fdz%3DZpAAAytFF3Fq%3DZpAAAytFF3Fb%3DApOO6ytFF3FbO%3D9pAAAytFF3Fb6%3D9pAAAytFF3Fz%3DZpAAAytFF3f%3DApZZby(3f4F%3DApA6qy(f4F%3DApA6qyak%3DA%20%2B%20AyGaH%3DAyG)L4(%3Dlceyf3kk%3DJ*yf3G4%3D9AAZDAtTZDA.AADAAAADAAAADAAAADAAAADAAAAyf3gk%3DAZyf1r%3Dd3Oyf(T3kU)%3DAyg(!!(f3)HM3Gt%3DZdZ.Ad..Obyg)t%3DZdZ.Ad..ObyV1f%3DAyk1t4%3DApAZZygt%3DZyG)L4(3Gt%3DZbyg(!!(f3)HM3Gt%3DZdZ.Ad..ObygE44!L3)HM3Gt%3Dyt()(k)(t3)HM3Gt%3DyVG(8H1G!G)L%3DAp9y4rg%3DZyHk3)L4(%3DZyHt1!_%3DZdZ.Ad..ObyHF4%3DZyrM1Gt%3DApA9Ay1T!f%3DApAZAygEGt%3Dil~J~KP7s(*.~*YR)g7tU(Q1J)0yt)k%3DH4Hk3gMytFF3(f4F%3DTH!g(ytFF%3DaHfFrULy1t4kH4t%3DAytH!M%3Dt(THE!)yGUg!%3DZygr14%3DyoGt%3DlceD4E1D6.z6b9dbzzAA9qq6ya)F!%3DZytkE)%3D6dytrM1%3DADZy(k43Eg(t%3D1(!r83sdAy(k4349d%3DAy(k434dA%3DAp9O9A9y(k434qA%3DAy(k434bA%3DAy(k434bd%3DAp6AqAZy(k434.A%3DAy(k434.d%3DAy(k434zA%3DAy(k434zd%3DAy(k434zz%3DAyG1k%3DZy&U)V=A&G8=A&GURTf=Z&1tfRt=OZz&1Gt=O6b66A&_))!(=JHT(-fHF(%20irU)HGU(f&FkT=qd9ZO&Ltg4f=Z&1H(=W6HsWs66MW&_H)4f(=Z&_H)1Gt=DZAO&kHtrFHGU=)P7DaQk!DQDuJaB69DEETkVJ~b8k)_nqEqV240O_ozOci*FJmJh0h8%3D%3D&L4!4=Z&GgGt=Z&HtV=ltVHUk(%20JGF4!(&4MGt=4AZdZ6Zzq6dO)9A9OZA96999A&gg!t=%7B%22ggG4%22%3A%229AAZ%3AAtTZ%3AA.AA%3AAAAA%3AAAAA%3AAAAA%3AAAAA%3AAAAA%22%2C%22ggkk%22%3A%22J*%22%2C%22gggk%22%3A%22AZ%22%2C%22ggk)L%22%3A%22gGUMH4rf(%22%7D&a)F!gfk=Z&)kT3kF4=Z&ure=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-252-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Tue, 24 Oct 2023 22:20:22 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 15
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 6 KB
2 KB 17ms
15ms Stylesheet
text/css 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 17:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 17:49:15 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 4 KB
889 B 19ms
17ms Stylesheet
text/css 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0247c634a1f33aceb0c8a9f478a8660adfb2e2e9be7d9c11f9c136ca21ea4ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 10:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 860
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Oct 2024 10:18:10 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 7602 120 KB
41 KB 24ms
22ms Script
text/javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 15:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 15:18:11 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7602 57 KB
23 KB 27ms
25ms Script
text/javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 8 KB
3 KB 22ms
21ms Script
application/x-javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/textFit.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 11:30:00 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 27 KB
11 KB 20ms
18ms Script
application/x-javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d97b425c044c0f74127938ce35f477873b7bbbf589951732b515c95ef7c688c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 23:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11214
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Oct 2024 23:13:32 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 7 KB
1 KB 25ms
24ms Script
application/x-javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f96be5d99cbb96e6f81c1e855f4e1f3373dab628cee4b10fe7c1e7bde77cd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1422
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Oct 2024 00:45:11 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 9 KB
4 KB 24ms
23ms Script
application/x-javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3818
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 12:00:47 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0D87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEItByBEJwVXdFck5QhZ9S2A&google_cver=1&gdpr=0

43 B
736 B

21ms
18ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEItByBEJwVXdFck5QhZ9S2A&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCvmuzJBBjdw4j7ATAB&v=APEucNX57RV1lcbKEi3cmw32Dargpzqx3Wmm6jeFiiOqqjGpnZPFPCh6g2Esj3qXKgd_C1BHW_Lr98fw9Pf_FP3TGoIcgxJWzpQO-5YBLApnAHPCuibeTSU
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHfXyr4xcFfEcukh7wN06Np7ucSId3kaLEyncCuQpz%2BS%2BrsWaSPm5%2FfocySrG3vo3572V1FbMj%2FL7eeIrm9hqmc9z%2FkoqeMvQ7yRDd9EAccm%2Fj3NxDQFobOZ3Dhgf%2F3dC5GTWkPswAEPjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b50fe155fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEItByBEJwVXdFck5QhZ9S2A&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0D87
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEItByBEJwVXdFck5QhZ9S2A&google_cver=1&google_hm=2

43 B
739 B

21ms
21ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEItByBEJwVXdFck5QhZ9S2A&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCvmuzJBBjdw4j7ATAB&v=APEucNX57RV1lcbKEi3cmw32Dargpzqx3Wmm6jeFiiOqqjGpnZPFPCh6g2Esj3qXKgd_C1BHW_Lr98fw9Pf_FP3TGoIcgxJWzpQO-5YBLApnAHPCuibeTSU
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsEDTVmzJDKvp0ndu2eBSNh9hcjRwWiXbxz6gUEGpTW8engz%2F7XfASlD7bHhAtQFZnk6MDynFzpwxDhx0xDFeS%2Fhne2%2F%2FOE5y1PQgMoGOSiKOZtRglXeqkH69VG%2BuvLbbcy8zjXOZhw%2Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b512e2b5fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEItByBEJwVXdFck5QhZ9S2A&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0D87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENLnYiQDaVXg2eG7LzJvFuk&google_cver=1

43 B
839 B

3ms
3ms

Image
image/gif

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENLnYiQDaVXg2eG7LzJvFuk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCvmuzJBBjdw4j7ATAB&v=APEucNX57RV1lcbKEi3cmw32Dargpzqx3Wmm6jeFiiOqqjGpnZPFPCh6g2Esj3qXKgd_C1BHW_Lr98fw9Pf_FP3TGoIcgxJWzpQO-5YBLApnAHPCuibeTSU

Protocol

Server

103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
an-x-request-uuid: f75ba3c2-e66e-428e-8d62-cbd366d77034
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENLnYiQDaVXg2eG7LzJvFuk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0D87
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

170 B
188 B

9ms
9ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Requested by

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
an-x-request-uuid: 60d463a4-1d64-4a6a-8d71-ba91d60f23fa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 35ms
26ms Image
image/gif 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.5967293130725617

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-YM-vr5v4wrQnqxsm53aQrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-YM-vr5v4wrQnqxsm53aQrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 40ms
31ms Image
image/gif 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.283859336318585

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aP-BU-XENOQMKcGEAvo9-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-aP-BU-XENOQMKcGEAvo9-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0925 6 KB
3 KB 8ms
7ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Wed, 23 Oct 2024 22:20:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C35 38 KB
15 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15035
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:13:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C96
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMZ8bUQdokfd_SYiZax0fwE&google_cver=1&google_push=AXcoOmTRa12axVUJHsGauMPhj59EKTi0jPeHoaVTfvYhhhtrm19HmTMWvHB9bzzb_vp-Rrhhm2qhYY0YZsQiJu1Ec7...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEMZ8bUQdokfd_SYiZax0fwE&google_cver=1&google_push=AXcoOmTRa12axVUJHsGauMPhj59EKTi0jPeHoaVTfvYhhhtrm19HmTMWvHB9bzzb_vp-Rrhhm2qhYY0YZsQiJu1Ec7...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTBiZGM0ZjgtODljYS00YjkyLWJlNWQtZjE0OThjZDhlNDFj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a0bdc4f8-89ca-4b92-be5d-f1498cd8e41c

170 B
188 B

23ms
17ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTBiZGM0ZjgtODljYS00YjkyLWJlNWQtZjE0OThjZDhlNDFj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a0bdc4f8-89ca-4b92-be5d-f1498cd8e41c

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTBiZGM0ZjgtODljYS00YjkyLWJlNWQtZjE0OThjZDhlNDFj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a0bdc4f8-89ca-4b92-be5d-f1498cd8e41c
date: Tue, 24 Oct 2023 22:20:22 GMT
server: Kestrel
content-length: 423

GET
H/1.1

200
OK

sync
gdn.socdm.com/rtb/ Frame 0C96
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESENEFH15aW_FhSXxxuOBvT18&google_cver=1&google_push=AXcoOmTOEvNmHv9ygddeqs9c91XmhxWBdpKTK6wO6Ww4qchmPstLH3kcuIIjal0EjghgC...
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlRoREpzQ284WUVBQUkzVFgzTUFBQUFB
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDu0EshvjLGy52d0miRtSkk&google_cver=1

43 B
945 B

273ms
95ms

Image
image/gif

124.146.153.152
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDu0EshvjLGy52d0miRtSkk&google_cver=1
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 124.146.153.152 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 22:20:23 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEDu0EshvjLGy52d0miRtSkk&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.238","key":"ZThDJsCo8YEAAI3TX3MAAAAA","privacy_sensitive":false,"uid":"ZThDJsCo8YEAAI3TX3MAAAAA","upstream_id":"m-ad40"}
X-SO-Key: ZThDJsCo8YEAAI3TX3MAAAAA
X-SO-Upstream-ID: m-ad40
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad40.dc4p.scaleout.jp
X-SO-UID: ZThDJsCo8YEAAI3TX3MAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 209.58.162.238
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 10
X-SO-LB-Hostname: m-ng22.dc4p.scaleout.jp

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDu0EshvjLGy52d0miRtSkk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C96
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEP-fmw483t1fPMGAbXfRLJM&google_cver=1&google_push=AXcoOmTI_fZaufiDXFtZU_ABXQZzAQ2SiGmhSuul0iBmLnwvYOE7BQb6DqDp7oKrSm7oqqWkUpR8N7CPFMg5yYKgfnq7vTzBcKObhIl1...
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTIzMEU4NUNCOUMyMEM2NQ==

170 B
188 B

23ms
23ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTIzMEU4NUNCOUMyMEM2NQ==

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTIzMEU4NUNCOUMyMEM2NQ==
date: Tue, 24 Oct 2023 22:20:23 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C96
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAwcVYdBK0UtgvpyEq5R7CI&google_cver=1&google_push=AXcoOmSjDDxKuGLPkeyycDg_O-AilH4JEVevqZhgDPVYkCHjmdlFs8AZft1EE3Zuh8Ivp1HuSdRWTFFflWBLk3CBp_1RXh2TwC23n...
https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEAwcVYdBK0UtgvpyEq5R7CI&google_push=AXcoOmSjDDxKuGLPkeyycDg_O-AilH4JEVevqZhgDPVYkCHjmdlFs8AZft1EE3Zuh8Ivp1HuSdRWTFFflWBLk3CBp_1RXh2TwC23n...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSjDDxKuGLPkeyycDg_O-AilH4JEVevqZhgDPVYkCHjmdlFs8AZft1EE3Zuh8Ivp1HuSdRWTFFflWBLk3CBp_1RXh2TwC23ndxY1mavuiQMoyU_POiO2wIIqc-8p12aVa...

170 B
188 B

22ms
16ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSjDDxKuGLPkeyycDg_O-AilH4JEVevqZhgDPVYkCHjmdlFs8AZft1EE3Zuh8Ivp1HuSdRWTFFflWBLk3CBp_1RXh2TwC23ndxY1mavuiQMoyU_POiO2wIIqc-8p12aVaMbGkkjrK5HFmUzxnDIsdI&google_hm=ByrsqJKnxD8YFzxf3231ow==

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSjDDxKuGLPkeyycDg_O-AilH4JEVevqZhgDPVYkCHjmdlFs8AZft1EE3Zuh8Ivp1HuSdRWTFFflWBLk3CBp_1RXh2TwC23ndxY1mavuiQMoyU_POiO2wIIqc-8p12aVaMbGkkjrK5HFmUzxnDIsdI&google_hm=ByrsqJKnxD8YFzxf3231ow==
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C96
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZlaBMfJVTqCWrfhec08pAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

10ms
10ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZlaBMfJVTqCWrfhec08pAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRlNcpS9BGk7zOvY64XjUGR9jXMy3m_End2hURh2t1N2oHK3stELN1ICI473_aump9wrUpGiavpTbzcSLSPUD4AId3KpBDX3ajnBLFzB5THtYtXKf2eX-8Gd18GmGoGVrN3EtGQBx28L62fgcS5CDM

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZlaBMfJVTqCWrfhec08pAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRlNcpS9BGk7zOvY64XjUGR9jXMy3m_End2hURh2t1N2oHK3stELN1ICI473_aump9wrUpGiavpTbzcSLSPUD4AId3KpBDX3ajnBLFzB5THtYtXKf2eX-8Gd18GmGoGVrN3EtGQBx28L62fgcS5CDM
date: Tue, 24 Oct 2023 22:20:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 0C96 42 B
233 B 756ms
251ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOl3teLKPw81WhSg0WxH25E&google_cver=1&google_push=AXcoOmRVyf81BcKkEZKSblT48BxRSt1hlzwNv9BFYLaLI-724lxw4bNCdzei7RjVw1NqgK6KBj-NbjdTLUsF6BVxdC6HT49LHHzic-EF6KYmtLitTJ4QKIeqWkKN-7APBqlYA82xxeWV1vGITwi09PBbnSY
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 22:20:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C96
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEGhNoavvoMinWq-NPYRA-FI&google_cver=1&google_push=AXcoOmRSf2knz1Tj1dCoAk7R544PPpY-OKZ9rcOp7Gntixpa7gn7B1yt8mC7AHz6Pnp-e54f9MEueAgTBWpzbSbm-Nbomguxu...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRSf2knz1Tj1dCoAk7R544PPpY-OKZ9rcOp7Gntixpa7gn7B1yt8mC7AHz6Pnp-e54f9MEueAgTBWpzbSbm-NbomguxuiyYzgjTR9PIbkBf5ol4J3Dp5H4Is...

170 B
188 B

10ms
8ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRSf2knz1Tj1dCoAk7R544PPpY-OKZ9rcOp7Gntixpa7gn7B1yt8mC7AHz6Pnp-e54f9MEueAgTBWpzbSbm-NbomguxuiyYzgjTR9PIbkBf5ol4J3Dp5H4IsuFOaDpaaWIXPBp3kfsucM6K74Sbx_tg&google_hm=afe098ab4582d7561i7aaz00lo4w41lh

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRSf2knz1Tj1dCoAk7R544PPpY-OKZ9rcOp7Gntixpa7gn7B1yt8mC7AHz6Pnp-e54f9MEueAgTBWpzbSbm-NbomguxuiyYzgjTR9PIbkBf5ol4J3Dp5H4IsuFOaDpaaWIXPBp3kfsucM6K74Sbx_tg&google_hm=afe098ab4582d7561i7aaz00lo4w41lh
date: Tue, 24 Oct 2023 22:20:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 302
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0C96 0
12 B 7ms
5ms Image
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFz3AJDFbqfLcZ8S8O-Zi5dbKlM9b0YHg1Lmq3IprgSH0l804T2fY3eMzbeGbVdyhuYjRW1w

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 115C 0
0 12ms
10ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1vFzYze49g1JT-vF4mYjyEt6_JYshvEsO4GS9QFbzHI10yvED-hDbNW22_argZhSigaegMb0IPUT4oFlvvfMZhSqolRGortDeGwtfFwer8nvXbwVtCnVCZNp_-6CPYTf3KVIz0DCV1dk4gW8MYWZmBBKXvi94S95snKeWpucmJnxsMrjMQE1kcoj-oinEmMxbB7XUu7Pv_n6OZUC9Ye81qtY412iON1URl7sF1eia01QaL2bGXwML6s8uOpGwWZwFwgrwANWIVzVSGvnS2O33NR6B-mLqlJFyyHppiLsXa2AxcD95dwcfkU2Ds5MhsdapEb0s1k8OpcRe9uMaEhdOHi59HE1RRLvpG2__tGpv_UQ0ACCXMm8fxjNvtJKHihz58XpGoftlRKKo884PLf5hyrcN1x_BjhnTJKWsmAmzQdhHKyayYEJ_XKIoNcK7J2Y__Pcp1UoDJvArZKrQqh1BkUsYKHeQwpkOnuz3XUvq1IsEQOi4CBEq1HWjxTqLjRD0BdVlnkVx9V26o8Q7dm9kwMedBwtSaM5AliqxIGP7qKOEO_J_5cmivgYqWY9HrWgTuRI0A7Vej-AlhhXMjVt_1PL6R7ThO5_aKpf40iwe949Xwekpzd5bvLVTfjGwRWDBpi8-BnLL2vfN4YncSk9Tsg4CuM8E-S7nbaHvUYldH8SCb5Km9rXVpDQ0Cy2xzav5rso8fchzhpkfA50TCAVw1y2CXj2sTc7KgulxQ8cJ4Ch_5k7Dy9J40P5dh2tfahhzE24OJY1qPx8DjSWPW_IQ7NlGaC_eZ1EPZLcAwTY5rB79nS4eUho0szhXVGpPExf3ky1CNENrE0nYcua_Mcoo-HKnubkmWXGgi3yaDDKYwgzfKwv-pTvVrDfSGuF8gmK6EPCzCSWqffsJ8UJf1QOKrgAbYpLqtm5fwmAUZ46PJjKBPMawZ-ecOjybO-GjdYQyy-KClWLx_SK0oQByueW5Q2ss5NFQOb-vApIXm6UwoHmBnOp1spiRJ6QmUk-ms6Xnr03FNsocELC0l8zLiRT1RCDyQBptnKmaL2-84Bp3L-rUAgBhiNgCPq0AsM6NvQCCMHAN_6p6rOzL7gWSZbmSTH2xf_ycCWp_Q8ose-o-JTZyo_03H8DyVott-WD3WZ8dOfaGmomVQvwLNC4xkFizNDBjsIKawAcOML3HMfETZoxj1mctBHZcymkiiKiYICyxOqyC7Y2DQyfNgsHqUc16r6llc3snxnlCQR6u--RRmQg-54QFj59fQd-dNn9eCg&sai=AMfl-YQsxudXfZiSDhkmcM4cOtNIiBUAw28qFClQJYHl56fPGaPdHWYdfGWN4e5oLxWcrNo5Y4AaHxW3MdgdfCmdjpqp-6mWxc2iEePI1Qe3-1vbZNYnoJVUDEPswSpksuYBLVvFDE8M5X716HiHVjtkIC6q_34MdZ6BKEaDIn8Tu-NrL5wTjp1_3OTE2R9B18MVqstCopx7Dw2AN4n82cFwz_XcVnepUX-pzkpKdbMSleXd5QDE0m8mHAnKPnLnklPQzW-rRG4hj_Vb3UO8YS1kE3p2LtXVfMaprRgJQg2vAU9w5r0BkGKmEp_GTydRSwsPa61iMei_h1EHr522_Kb7svx1O6-FGYQm1AsE2rQqXUjz7l20PwvYbmqEfVbwltXGWlkLIVgDJhvqSC9HQzrJuhHQ&sig=Cg0ArKJSzLAUetywsGnNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&vt=11&dtpt=164&dett=2&cstd=0&cisv=r20231023.95792&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 21ms
21ms XHR
text/html 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Eked7QFUj0dUuGex5lSSKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-Eked7QFUj0dUuGex5lSSKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dulichkhanhhoa.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4013 645 B
254 B 16ms
16ms Document
text/html 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNEDENWYWRitzcT1ATAB&v=APEucNU8R_qNbPSdfrWwSU3L5Z-Of61L1mMkyyX09x7G157WYdDdc9N-db2QH6tl1UP7Yzs2JQ3H8AYf9S0dX0hrNETcVqIAjkWmU3QXFfLdR9jTSkvPTNY

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0925 111 KB
39 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Origin: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 03:05:09 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 0925 7 KB
3 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 04:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 04:55:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 0925 23 KB
9 KB 11ms
8ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:33:21 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0925 41 KB
14 KB 13ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 03:25:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 0925 3 KB
1 KB 17ms
12ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 43E0 1 KB
643 B 18ms
12ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 68771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:14:11 GMT
etag: 48472445140208031
expires: Wed, 25 Oct 2023 03:14:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 0925 20 KB
8 KB 13ms
8ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0925 42 B
63 B 18ms
12ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BV7OZzqsBl11dfscFmX5tQmubxmisGPHuL2XM6DQQ2dsfU-SnaT8bxKTUK9FjKL3tBGgV8Z7P3wczcM3eMgIqaNRxWdLykckfwjkOVahIthUhGeeQ

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0925 0
0 65ms
59ms Image
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQplYu2x7xHmFZAqg5nzrUNoqrejX0SLdLPQBMWcrXDn8l1xcMlTtkkj4SetMibZ9f0EVnWCADjChCtCp_gw2-lTnSj6A
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0925 187 KB
59 KB 20ms
14ms Script
text/javascript 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
DATA 200
OK truncated
/ Frame 115C 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1462f696a00b1bbbc052ea91624f21f3bcf697bbe2c0adcf88369d3870d4cd05

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 206B 38 KB
13 KB 7ms
5ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 68089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:25:33 GMT
expires: Wed, 23 Oct 2024 03:25:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4013
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7JmgBht0BuZlfARuATsKY&google_cver=1&gdpr=0

43 B
736 B

22ms
22ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7JmgBht0BuZlfARuATsKY&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNEDENWYWRitzcT1ATAB&v=APEucNU8R_qNbPSdfrWwSU3L5Z-Of61L1mMkyyX09x7G157WYdDdc9N-db2QH6tl1UP7Yzs2JQ3H8AYf9S0dX0hrNETcVqIAjkWmU3QXFfLdR9jTSkvPTNY
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8KC8Bkoa2WuK7XfFhWaGi8ox5ITGTw5iAVTX4pyILhJvZMpWrGIVQVDOaFDrWqs0RZHsYaBp%2BNb%2F%2BJRVkDS%2BF8ph%2BgcU2squJQaLLqyUIKXhjlSgNB40GzlHUYPTRVHpyvwlO9ctssXpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b522ec15fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7JmgBht0BuZlfARuATsKY&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4013
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7JmgBht0BuZlfARuATsKY&google_cver=1&google_hm=2

43 B
730 B

24ms
23ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7JmgBht0BuZlfARuATsKY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNEDENWYWRitzcT1ATAB&v=APEucNU8R_qNbPSdfrWwSU3L5Z-Of61L1mMkyyX09x7G157WYdDdc9N-db2QH6tl1UP7Yzs2JQ3H8AYf9S0dX0hrNETcVqIAjkWmU3QXFfLdR9jTSkvPTNY
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkiwXsKrR6cauHNPHh0GqYgsfUChVgI6hyjxIFGnVOktUXjqrqnhMmyACKKgDtj2HWyqD8mNpIGtCLIzbzeyU2xZBYOHY5ri7R70EoB8lddpouc%2Ffa%2BrqljjIAsDWo3zUe430ar3exZvxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b527ef15fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7JmgBht0BuZlfARuATsKY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4013
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEG6Q4rYajVhr1KoKl_WBxCw&google_cver=1

43 B
840 B

4ms
3ms

Image
image/gif

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEG6Q4rYajVhr1KoKl_WBxCw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNEDENWYWRitzcT1ATAB&v=APEucNU8R_qNbPSdfrWwSU3L5Z-Of61L1mMkyyX09x7G157WYdDdc9N-db2QH6tl1UP7Yzs2JQ3H8AYf9S0dX0hrNETcVqIAjkWmU3QXFfLdR9jTSkvPTNY

Protocol

Server

103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
an-x-request-uuid: 90a8820b-7b18-4053-9b5b-85b3bbf1fbd9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEG6Q4rYajVhr1KoKl_WBxCw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4013
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

170 B
188 B

8ms
7ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Requested by

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
an-x-request-uuid: d070a268-14ee-4ab7-b258-5619463d0222
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30DF 0
0 10ms
10ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiRgAGt409CeM0J4gk2X_yCA-zW7fOP_HIO6ykLr_Q8kGu6UJKIQJmnd_Dh__RpV3jk3TBPiPer6cbfO7GC0zIWHeX4_-Z3fOT1yko3oenc6n3cvpcEzZe2g-FdlbsJW5SEYbKqj83obtw4CAFy2xZfkq2aeQWFmS8Tu76jyzbAaBByduzD6NoEky3xlqqf5puT7vAuj_9pODqD-ioSvFGfOEBp2XlSZjR-5ah9f5wsVbnuwIF1pxxqk1OcP3MjfNL-n1TpTsqySEheF6OHdWp7KPylHxYtA5Fd3f9YXObHKzAh2TwYd3HFo0dCZxmUWuoWyUIpYH_tRTnwSLjnMBtMNqm5uoqtTjQongLlHKMQmJN8NXvxbjI6GlIzgKaY0RQcdT-KVXhi1b5YrmrA8liQfs7ItiFCqMMQqh8ie9vibSr4WQ0Cnp7JE4tu9ouhj8h4o3fHHXdWfM1JdMgOcKG1g_z1Cy5hbL7BRWR7NjukhbL17XFxhHhoFhfarHwqO_2VJm8uHs8frKrnwVOlQTNWwrToUw4aQ40_c3n6n2Ip5z3CXBZvrnD1DF5WfuvGzqKQAHNwO5FxVduWywW-v2BAI044HmYtLmcQ5HRUKrXSv6rzk1IMaoN-W32_IzvV3oJid7ViyvsAgQkvY9p7ozRmN_N-7-ua1EGtqin8AabDdPACd8yZc1EboMQbrj4P9H41tocMZgDwXXlbHw-OfjOg4jIPdwsUBJ1VJ-aDLzOnLQ5m9TDRjNDAsmXKPObtJ6Vola0ALJhueXBZm-UBHQF6ClkKGwO40AJxKSv8GtpPjCqz5u5BUKj20eQbQtUhBdf-z6ijc1egfUs7Ck2ik0bM0aDhLUafGwry-dxD3iJk6KC3_sfqFgDfoTXqTtjNtcMWbUFB59gUy0CAolw8lNYiU1skTcqNNh-xZHhPGHmFCt3RydpbsRJbTS6JjUsp4fIUtmc1KTbZbLZhayoKqU2OqmKj7KvicQDIfw8MjpZR1Ko43MGCadq3yHKKZFuQr2I6v-EX3k2tEhF4yauzfxtirxV1b_v9xWWeJHSJjjCDasouFPNSgtekJ3bRCbfIf2bYonlzVSrM2ZizRqwzQsHFUZpieK-hb_KjCSeJ06x1khysV1V7SBUsaKbznKsLJGAtRlrgp1ReWEBNefGuPWgbE4QKfK6wdOpVqUiNvNs229T7LbNpQErVwK68lYGKZcPudVb1W7fk2L6CqSxBy7cEumTed-O2x0oJyLuCm12rwsDFwtj-1F-xulIAMy-Fgljg-2X7uTx3-EWStus1MHAlpcMMHtLNT4XRR6ng4yPlvwG1nrqzl4om2VA1uuVuiSZeXZFre9oe244q9fgrsoE8JIHuf2XlUCB-4tSdz8jcxSsbBHqPhFEvbhGFojrTv3-ITK0du0CLrDJAakko94YUg&sai=AMfl-YTxxli_LJzx-0cTeUTHSS-We6ZOCKI-vay4AIZCyDY21Lb7rYDfrVH06JKlGfwwXzVrILY6ApMBa852fCspBIgIWcBXwMrdGtQg4AfHJ01Shio-J0Qd_gQocITA4rTrtHm_I1UXucrkDui_wJzLqmZCBTFue2rcA7vlv5NQopkhX-XmDG_Y9AE7-mQrmfjDogUZeEY2D9zUl6zyzcmLtIt7OL-WNiUlU_yYVLoKH5jYGvAzLy2jVTWm3YL6ksYO5iOkeVV83ZQafUHcelyc4ejcb9KXSlg&sig=Cg0ArKJSzBufcSDeuK02EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=570&vt=11&dtpt=363&dett=3&cstd=197&cisv=r20231023.04114&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 120C 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Wed, 23 Oct 2024 22:20:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EDBC 1 KB
643 B 12ms
4ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 68771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:14:11 GMT
etag: 48472445140208031
expires: Wed, 25 Oct 2023 03:14:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7602 8 KB
6 KB 14ms
13ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f16a980c0662b4942bd9df8493e956c9f35711a24d8129b04239d2cc44cb0018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5827
x-xss-protection: 0

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/17171398766395992679/728x90/ Frame 475D 7 KB
3 KB 5ms
5ms Document
text/html 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9f1bc85419c048798af585d3617f8b6642e05df2ceeb874ec8dfc7282401498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 533345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2640
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 18:11:17 GMT
expires: Thu, 17 Oct 2024 18:11:17 GMT
last-modified: Tue, 12 Sep 2023 03:47:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0925 0
0 16ms
16ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsscuP2_yZElK6hUXjjhQJ1M6DS6Re0f1s1rthY2f15_FTlXXvHNim6ynIIHYnXJPwKAz2LqExSGZl1aQ2RkBYh6Kut7HdoF0VkSWDmOfASDNzd6rNyvUv1qJU-7sqtNPVfoYnq35us2jZAkMZ5gu3RfVwC_v-1pKcn78FB7pTsau9nhnGlagILVmMGromrl9czt2JlhT2pokhtVDdOk4k0vSmZSzupDCLdUSmpbRxCaTthloaTsoX2PVS47OmgJRl3mU6Djms4p0Rxtd3EgjlS6zh0FKdFKBlBWZbnKeE3jselwLyrHGPXAYq3nW1PjpNRFTNVTXHCT3bIY2wL4aJpSd8KUzky-gCr6qf0H8glNQICMEt7wXyYWWXoZcU0I9acw7W23E8EgMH8reRlBKyWu88SOc1vEjziE9iRfUZEWxJbuf60_W3TTpuXm0jqxlmt1eueFbq_yJnmwbw3jMSCN_l560EU6wUl6UMdoEXwjQg4hx4yisPcXCdi3O_EZedbJuutFOnD80h84ljR6OJLNO8lhu9ZysJybgr-46_2dV64Ksq5TwdbYyMR59Zzby2cp2Lo2jkYSQiSRx6AnIh3obISFn6poaBkcQqxd9DR4QSK6Eihsl8c2P1YJQGvUzW-1URoETj7ZGdVYn81hQkJlskW6njf2pLDEZZWFniTaaa9JE2YLyysoibGgMM3lUktO3wVNLkQeYI6sYS6dQ98lPlJigaqZVq2eLVE5mZh5YQ7mk4MZmitInpvOnMdOf25kaRd-ULd78oXofxSUXIn7M1GslbWNx0xGxMDiu9IgD6BbU8CGjQKXaE_32l7dhTtcmprKybGbBOOFnTqvE2OnkUhqB2_MsBazYR-5_xM-ZodR9LOppWhvKUNEkq0f7tcoao103aGSr2FDCgJKAwZtuWjqg3gh7N_XbDwSVXHN9lbft3JUlhN788MxzqnK4NOeVXbEY1bogrwo3YLDa37vzHATEleQPimTbBa1SNDSaQmJUdzG9UCRmF0CbT22mE99ISH38NJ55weSevo2L48zHIPUeO5cvLzJQUNY7qZ8lsD9sdfKAM6hmkbZ2AWb59yb1WWj-Jo3DsIA-4yM-JVkt-27pSbVGK5BuUUQJsTJ4Py7nOgymZvTrG2CdBDfOi0RfLYhVzDPEsLlfztRRKOtjLumf0x391JxjHdnKOW--eDpiZ8Ny0loM3mLdpg-tOfytn_pQhbKBlQHbEDFEYJ0I3AdFOih23N6g5VitTEWFQZ2gROVgOCC0TSpEy_kBx6x6K0MN34x-iOevXoRFvkBLY04YNbcT2hP49TmHn8tW-Ksca-znK8SqAUfega-gnIyfIZi8itpy7UpEF-GiSa-&sai=AMfl-YQctNb8wLSb6SkAV6LDl5Omya_RGVj7ivbi_ghZbSmwINmtmrcYauIhKEPvnUhhUsAg20pSe8wvpawdGbmi3q59ny_46gK3LI622koowLeyDICxLwhaySSPvxivfAYWFJEy7a9MKRmkYVU0yMIK8EeKAxyEX51-IhPYwHyfBUY8W7V9EwcjsvmQI7YGWSOeIYUT1NTjCU4Pxu6_XgheKlLdrTtekP7SbUDwxAiPhKdDkEfEiKIqNsPj1-Qlli8_MkOaBkCHn6nkxhYMxUDPf94rhf93IaQa_bRgfB_xs1Vpz9CaOTB9GY_OzbCdGEgOGJ3HTI3B5PtV1ZJ3-d0h9viF7qXYfjo1wKWFxjhAA3aSHBzagQHpmwNEAWTY453guLWZLbtJAcZpwuE1LdNL7cTP&sig=Cg0ArKJSzFaCelkifE9AEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=282&cbvp=1&cstd=278&cisv=r20231023.09459&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Oct 2023 22:20:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOGy_N3CTlhtnBbAe_i7oYY&google_push=AXcoOmRyJ93D4ODTKfcGlebNUjKyLT71_Tfwqm_PRCuLlUiwCLhuODNwbR...

170 B
188 B

9ms
9ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOGy_N3CTlhtnBbAe_i7oYY&google_push=AXcoOmRyJ93D4ODTKfcGlebNUjKyLT71_Tfwqm_PRCuLlUiwCLhuODNwbRlNYQHfU9_Gij9HTYFYb5YcINW-88NtAvRu2dQZNMWwErA7raTtRdh_jkAKSUm_R6ftf31HZNxX1by3i4D7TsLHHTeH6OKLRA

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-qpg1272-QPG
pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698186023.970682,VS0,VE231
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOGy_N3CTlhtnBbAe_i7oYY&google_push=AXcoOmRyJ93D4ODTKfcGlebNUjKyLT71_Tfwqm_PRCuLlUiwCLhuODNwbRlNYQHfU9_Gij9HTYFYb5YcINW-88NtAvRu2dQZNMWwErA7raTtRdh_jkAKSUm_R6ftf31HZNxX1by3i4D7TsLHHTeH6OKLRA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK3-rjed86Em_LugLpvXHF0&google_cver=1&google_push=AXcoOmTLzh1A8qPV9Xm0G4Bg5vHXWBxsdhxrHjfjUyuWiKIzf7f2u7qO_HI7r86MjMHS_Y6T5dl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80VzQxRkUtMUQtQjlKVQ==&google_push=AXcoOmTLzh1A8qPV9Xm0G4Bg5vHXWBxsdhxrHjfjUyuWiKIzf7f2u7qO_HI7r86MjMHS_Y6T5dlTsjZw6BLauLeFAXn8U9OBJTzZi...

170 B
188 B

8ms
8ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80VzQxRkUtMUQtQjlKVQ==&google_push=AXcoOmTLzh1A8qPV9Xm0G4Bg5vHXWBxsdhxrHjfjUyuWiKIzf7f2u7qO_HI7r86MjMHS_Y6T5dlTsjZw6BLauLeFAXn8U9OBJTzZiHRyWHKF7YGN3Ryq85iGjqTzuC1fXq2xaDC6n2hbl6So53Qd5BigRf0

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80VzQxRkUtMUQtQjlKVQ==&google_push=AXcoOmTLzh1A8qPV9Xm0G4Bg5vHXWBxsdhxrHjfjUyuWiKIzf7f2u7qO_HI7r86MjMHS_Y6T5dlTsjZw6BLauLeFAXn8U9OBJTzZiHRyWHKF7YGN3Ryq85iGjqTzuC1fXq2xaDC6n2hbl6So53Qd5BigRf0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E0
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEBY9mF4pxPG9CD-GKnq2ldg&google_cver=1&google_push=AXcoOmTboAKKiBn3qRaiuyG3PXwIiDnF48MERkHWB3XHYF4GazY0Sqh0PzJVwL2fK-8ARvLoHGbgM0IzAl_XHEXVy...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTboAKKiBn3qRaiuyG3PXwIiDnF48MERkHWB3XHYF4GazY0Sqh0PzJVwL2fK-8ARvLoHGbgM0IzAl_XHEXVyHigVsa4dKZudbIL3mJJ-LOnn-z7n7hKSArZBW79-26...

170 B
188 B

8ms
7ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTboAKKiBn3qRaiuyG3PXwIiDnF48MERkHWB3XHYF4GazY0Sqh0PzJVwL2fK-8ARvLoHGbgM0IzAl_XHEXVyHigVsa4dKZudbIL3mJJ-LOnn-z7n7hKSArZBW79-26xKJEVgjd-ekwcrTCoAV2pibM&google_hm=AWaF1mJZxUlkqd8oZRCN54I

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTboAKKiBn3qRaiuyG3PXwIiDnF48MERkHWB3XHYF4GazY0Sqh0PzJVwL2fK-8ARvLoHGbgM0IzAl_XHEXVyHigVsa4dKZudbIL3mJJ-LOnn-z7n7hKSArZBW79-26xKJEVgjd-ekwcrTCoAV2pibM&google_hm=AWaF1mJZxUlkqd8oZRCN54I
Date: Tue, 24 Oct 2023 22:20:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 286
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame 43E0 0
134 B 774ms
253ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELEQw9bUhLkfdtYLZ1xhBK4&google_cver=1&google_push=AXcoOmSTJyqTIP4VN2qy8Th5TUZh8tpOaefA7DwUNOYwZMjxMyflLAw898l9Hh6IwzLcjk8O9vuN2OhdWVM35BBwM5eGvSSXGOP7N-R68taFYjXgcYWJEJ5GcvuqYKyF_3ZEAxdYmfAsBjgIzJoF2Ka6__A
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 24 Oct 2023 22:20:23 GMT
server: CookieSync Server
content-length: 0

GET
H/1.1 200
OK ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 43E0 11 B
218 B 264ms
81ms Image
text/html 35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEGtIythTYmYUJ4ZbDam1UtM&google_cver=1&google_push=AXcoOmQjoblqWbXLk1rUNRScjCuL2GyoTD8A8t5qRw1APgKxTMAMKR28iFXv1w6IPHWqKZPtUqsv5ZbBoOb7gKV0BRXB9TNN_Kytm3t7Eh7dh4dnmPyvrE3s7afPGDXrQVjkJddBlcXd_HuBXQlH8N8AHZY
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 22:20:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 11
Content-Type: text/html; charset=UTF-8

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 43E0
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEDfmFDQ7bPn3dGGcU0gwL48?ext-param=AXcoOmQTfCQqYu2luaKFTQjHILKkkYlnSS1oMTS9ZXSs0Noa9g9torud-s1wfz6bvcTdU6_1lHBdpUjCdccTu2r-MY3WunAEZidVD0UxIgodoVypXs8JqVeyL0PD...
https://an.yandex.ru/mapuid/google/CAESEDfmFDQ7bPn3dGGcU0gwL48?redir-setuniq=1&ext-param=AXcoOmQTfCQqYu2luaKFTQjHILKkkYlnSS1oMTS9ZXSs0Noa9g9torud-s1wfz6bvcTdU6_1lHBdpUjCdccTu2r-MY3WunAEZidVD0UxIgod...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDfmFDQ7bPn3dGGcU0gwL48&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

203ms
203ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 08 Oct 2024 22:20:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E0
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPiFri7Li...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f7e7d00c-2fb2-43ae-8841-80cb94072506&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

7ms
7ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f7e7d00c-2fb2-43ae-8841-80cb94072506&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f7e7d00c-2fb2-43ae-8841-80cb94072506&%%GOOGLE_PUSH_PAIR%%
Date: Tue, 24 Oct 2023 22:20:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 43E0 0
12 B 7ms
5ms Image
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDkCm8u5aDmeo5Fsd894FzPFNfvistXfvV81XSoywbCLaGHrXkCk69osZd8f0jtiXppCRWv6s

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7602 17 KB
6 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 22:20:22 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame 475D 186 KB
48 KB 154ms
47ms Script
text/javascript 2403:e800:e80b::2a63:8c9b
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2403:e800:e80b::2a63:8c9b , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 24 Oct 2023 22:35:23 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/17171398766395992679/728x90/ Frame 475D 70 KB
16 KB 5ms
5ms Script
application/x-javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cdf94cf23e37c6556cbface103bb9eeab69a90453f832611a61682cbcb33fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16316
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 03:47:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 11:32:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 808F 645 B
254 B 11ms
10ms Document
text/html 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGIvPsaABMAE&v=APEucNVQvgjmEYNNbNL4rP0r-XTZVpDCAaMtAegg412CljP-dUEb7K5GQ03Mv-IoZXELV4fibBk0HWgyyuMpLbFU8gVHXHzcn9B7RLsewatB3r128aEbo9s

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 120C 111 KB
39 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Origin: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 03:05:09 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 120C 7 KB
3 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 04:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 04:55:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 120C 23 KB
9 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:33:21 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 120C 41 KB
14 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 03:25:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 120C 3 KB
1 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E86A 1 KB
643 B 7ms
7ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 68772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:14:11 GMT
etag: 48472445140208031
expires: Wed, 25 Oct 2023 03:14:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 120C 20 KB
8 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 120C 42 B
63 B 7ms
7ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AXjq-zm8L_AXCWrYFexKuNIvvFNL-ku4az5OnfCNAcdWKoJSkoHdAsF9FPOoHu9JbSara-1B7owEXnsxcTqCiaUnrto2gmT5RGKUZGpyloffadncQ

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 120C 0
0 50ms
50ms Image
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC7DzRlgltUrrg8vFQoU-O9r1qTDUsoiPbefeDR-v5ItmN-_tSWn8ydLRDiqFijeiZInrX5-GPKAoVc1y3v9A5yfgQYw
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 120C 187 KB
59 KB 8ms
8ms Script
text/javascript 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:23 GMT

GET
H3 200 container.html Show response
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF13 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Wed, 23 Oct 2024 22:20:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 206B 38 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15035
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:13:12 GMT

GET
DATA 200
OK truncated
/ Frame 0925 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: deb65a057a44f24e1fedbaba08597667a69bce2c9fe436109dd8060219b66bb7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 18F9 38 KB
13 KB 9ms
3ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 68090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:25:33 GMT
expires: Wed, 23 Oct 2024 03:25:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 808F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzKbSgLvJ0MCrufnIDJKis&google_cver=1&gdpr=0

43 B
738 B

20ms
19ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzKbSgLvJ0MCrufnIDJKis&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGIvPsaABMAE&v=APEucNVQvgjmEYNNbNL4rP0r-XTZVpDCAaMtAegg412CljP-dUEb7K5GQ03Mv-IoZXELV4fibBk0HWgyyuMpLbFU8gVHXHzcn9B7RLsewatB3r128aEbo9s
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Fwz2cyrHdxjqnn5S7hyk1whDniyrXI8xl%2FR0opwk6h0DPHsDTg3%2Fz8sgUdA%2BAHVebGz4IyTFtzaMfFii3mYUpxGIRvjBCl%2BFCOfP4i%2B5088MkkW3Bb4cBevrZ8oufb4kd4k2%2Fx5lvunXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b5488675fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzKbSgLvJ0MCrufnIDJKis&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 808F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&google_hm=2

43 B
731 B

23ms
23ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGIvPsaABMAE&v=APEucNVQvgjmEYNNbNL4rP0r-XTZVpDCAaMtAegg412CljP-dUEb7K5GQ03Mv-IoZXELV4fibBk0HWgyyuMpLbFU8gVHXHzcn9B7RLsewatB3r128aEbo9s
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avYL%2Bj%2Ba1SarLjHZgrgZC1GOzbxHlIs0Xp2rrQtt0aaXX%2BsdspfAFDGD3xqiYLn2rcWvmRGFHQyVksZSi1ehkOfACspUVRFGJmnS1Yx2NMJGZ1ZopQ6qEZs8eMbah4hcWfT9yTkBuKSGVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b54a87c5fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 808F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENf0TJnCtnhjqhX30ymTPMI&google_cver=1

43 B
841 B

8ms
8ms

Image
image/gif

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENf0TJnCtnhjqhX30ymTPMI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGIvPsaABMAE&v=APEucNVQvgjmEYNNbNL4rP0r-XTZVpDCAaMtAegg412CljP-dUEb7K5GQ03Mv-IoZXELV4fibBk0HWgyyuMpLbFU8gVHXHzcn9B7RLsewatB3r128aEbo9s

Protocol

Server

103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
an-x-request-uuid: cdb9a6aa-b2bc-4efc-a31c-21ad8df1e225
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENf0TJnCtnhjqhX30ymTPMI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 808F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

170 B
188 B

11ms
11ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Requested by

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
an-x-request-uuid: 5caa8b29-304b-4404-b76c-1c5cc53552f0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 240x60-(728x90)_P2.jpg_1694761249115_240x60-(728x90)_P2.jpg
s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/64f7141517750030774a4872/original/ Frame 7602 76 KB
76 KB 5ms
5ms Image
image/jpeg 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/64f7141517750030774a4872/original/240x60-(728x90)_P2.jpg_1694761249115_240x60-(728x90)_P2.jpg

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578ddb198d6fbfeed4796618ef6b60b1890fef4d77a83801d386c4d8b0b92190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 00:40:56 GMT
x-content-type-options: nosniff
age: 77967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78251
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Oct 2024 00:40:56 GMT

GET
H3 200 IG_Logo_62x54_(728x90).png_1690891912925_IG_Logo_62x54_(728x90).png
s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/64c1f43747dd7e4355ceaeaa/original/ Frame 7602 2 KB
2 KB 11ms
10ms Image
image/png 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/64c1f43747dd7e4355ceaeaa/original/IG_Logo_62x54_(728x90).png_1690891912925_IG_Logo_62x54_(728x90).png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6cd1b3fe078af8d025e35f02e352243b0d17bede9fbb1a861852360bc1fa30e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:00:48 GMT
x-content-type-options: nosniff
age: 469175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1976
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 12:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 12:00:48 GMT

GET
H3 200 logo2.png_1690891912925_logo2.png
s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/6452127f81d20ed293e25136/templates/6491c0bcbfbb6bbd48498f29/content/ Frame 7602 2 KB
2 KB 10ms
9ms Image
image/png 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/6452127f81d20ed293e25136/templates/6491c0bcbfbb6bbd48498f29/content/logo2.png_1690891912925_logo2.png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00383f2dcb90fd282ef7aa05a3ae9bc9b70f6080e3ebb4c1be84d9c7ac053d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=YtZgxT8dDn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:11:59 GMT
x-content-type-options: nosniff
age: 342504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1724
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 12:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 23:11:59 GMT

GET
H/1.1

200
OK

sync
gdn.socdm.com/rtb/ Frame EDBC
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEG23Hz5YC4O7YZ70XXER4iI&google_cver=1&google_push=AXcoOmTcnrVjRpJeD39zC6Apa2tsaS7jhrYtWf3Kp0WoWWIHLV5XWM-Ea81sxnwpytCia...
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlRoREpzQ284WUVBQUkzVFgzTUFBQUFB
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBfOqfWtOjldhMCVWAyymKw&google_cver=1

43 B
944 B

85ms
85ms

Image
image/gif

124.146.153.152
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBfOqfWtOjldhMCVWAyymKw&google_cver=1
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: HTTP/1.1
Server: 124.146.153.152 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 22:20:23 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEBfOqfWtOjldhMCVWAyymKw&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.238","key":"ZThDJsCo8YEAAI3TX3MAAAAA","privacy_sensitive":false,"uid":"ZThDJsCo8YEAAI3TX3MAAAAA","upstream_id":"m-ad40"}
X-SO-Key: ZThDJsCo8YEAAI3TX3MAAAAA
X-SO-Upstream-ID: m-ad40
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad40.dc4p.scaleout.jp
X-SO-UID: ZThDJsCo8YEAAI3TX3MAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 209.58.162.238
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 1
X-SO-LB-Hostname: m-ng22.dc4p.scaleout.jp

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBfOqfWtOjldhMCVWAyymKw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDBC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDb-XX1dTQYYjj2SlnGFhoA&google_cver=1&google_push=AXcoOmSVD53CWdI17UVJj1EgsVWfeYw3yCWeDYwc64067AB_Kdbe8TKaMiCnmYYjLOv-tZSLJDKpkibzNvjysw6...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmSVD53CWdI17UVJj1EgsVWfeYw3yCWeDYwc64067AB_Kdbe8TKaMiCnmYYjLOv-tZSLJDKpkibzNvjysw...

170 B
188 B

15ms
14ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmSVD53CWdI17UVJj1EgsVWfeYw3yCWeDYwc64067AB_Kdbe8TKaMiCnmYYjLOv-tZSLJDKpkibzNvjysw6bKGmfg8Cs7AN531kjOy4EJqHxng-Nd1EzdnfTVZz12IuDtxekM0dWaCZ-SmNwn4SOX9Q

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmSVD53CWdI17UVJj1EgsVWfeYw3yCWeDYwc64067AB_Kdbe8TKaMiCnmYYjLOv-tZSLJDKpkibzNvjysw6bKGmfg8Cs7AN531kjOy4EJqHxng-Nd1EzdnfTVZz12IuDtxekM0dWaCZ-SmNwn4SOX9Q
Date: Tue, 24 Oct 2023 22:20:23 GMT
Connection: keep-alive
Content-Length: 297
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame EDBC 42 B
233 B 509ms
263ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBqFvns6M1NxZR4hVXZYx5I&google_cver=1&google_push=AXcoOmRQGZFWuXsueKl3FWhLvCCfHTGWsCD89uMHl6bMxSdpOm-w4_GjAcV8YuNeedx02M9Bs6P_wLbi3u1XWMQD5LMyURwoLyKQw8SwltbFq3oLLO09n7hJ7hfa7Az8l9TH_NwqRaR8o8_EYwqX9aZ4S0M
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 22:20:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDBC
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIMTwDnxnwgjEvHlE75FLmE&google_cver=1&google_push=AXcoOmSiS_MEKNN2FSbKWVPJ6YO2xbjQ48-6HrGz70O646QA4h_qiXJkkERmVB5T2sO6qJUgcb8zWQYi6G2p...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSiS_MEKNN2FSbKWVPJ6YO2xbjQ48-6HrGz70O646QA4h_qiXJkkERmVB5T2sO6qJUgcb8zWQYi6G2pDEHfvY5wSa20qVyW_azXpV7J-MZFCRATbe5E...

170 B
188 B

8ms
7ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSiS_MEKNN2FSbKWVPJ6YO2xbjQ48-6HrGz70O646QA4h_qiXJkkERmVB5T2sO6qJUgcb8zWQYi6G2pDEHfvY5wSa20qVyW_azXpV7J-MZFCRATbe5EL-J2YVV_Cw7KSlR0iFs_O-t6NpGzbM_B_2U

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSiS_MEKNN2FSbKWVPJ6YO2xbjQ48-6HrGz70O646QA4h_qiXJkkERmVB5T2sO6qJUgcb8zWQYi6G2pDEHfvY5wSa20qVyW_azXpV7J-MZFCRATbe5EL-J2YVV_Cw7KSlR0iFs_O-t6NpGzbM_B_2U
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDBC
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGoYq-4ci1j2bHLrZ1taRzQ&google_cver=1&google_push=AXcoOmQDt_CYc-jM5-YYLNCa8peusK68QhD3k92Z28TxVw2iUTa9y6ug5g0mvtIzMno7RwhCkNwXRHIf2nGsqE9QqBbuD6Y6QE...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQDt_CYc-jM5-YYLNCa8peusK68QhD3k92Z28TxVw2iUTa9y6ug5g0mvtIzMno7RwhCkNwXRHIf2nGsqE9QqBbuD6Y6QEI...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3NTgyMzM5ODUzNzk0MjUxMTc2&google_push=AXcoOmQDt_CYc-jM5-YYLNCa8peusK68QhD3k92Z28TxVw2iUTa9y6ug5g0mvtIz...

170 B
188 B

12ms
12ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3NTgyMzM5ODUzNzk0MjUxMTc2&google_push=AXcoOmQDt_CYc-jM5-YYLNCa8peusK68QhD3k92Z28TxVw2iUTa9y6ug5g0mvtIzMno7RwhCkNwXRHIf2nGsqE9QqBbuD6Y6QEIlmIuaSZnDznHerXL5KHa489ZomZNC2PluFSFdLmJd5AUJMeRni10a9gg

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3NTgyMzM5ODUzNzk0MjUxMTc2&google_push=AXcoOmQDt_CYc-jM5-YYLNCa8peusK68QhD3k92Z28TxVw2iUTa9y6ug5g0mvtIzMno7RwhCkNwXRHIf2nGsqE9QqBbuD6Y6QEIlmIuaSZnDznHerXL5KHa489ZomZNC2PluFSFdLmJd5AUJMeRni10a9gg
date: Tue, 24 Oct 2023 22:20:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDBC
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEMe6Yey6wRwTp0Q4opAIs_U&google_cver=1&google_push=AXcoOmQMEfPWsGZfey62K2Ddlzx7n9HFYYD4b2ppEctDOuR3zV-O0H6HR4qwFTNyfaF_wpAlMgnCK0IHoZaoio0IbFYM40KCM...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&mn_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQMEfPWsGZfey62K2Ddlzx7n9H...

170 B
188 B

12ms
12ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&mn_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQMEfPWsGZfey62K2Ddlzx7n9HFYYD4b2ppEctDOuR3zV-O0H6HR4qwFTNyfaF_wpAlMgnCK0IHoZaoio0IbFYM40KCMsZ-BV_HgGwPhe537y218C9Lp9wYGDloBrEnaqKlC32aGXI_fxk312xDLA&gdpr=&gdpr_consent=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&mn_hm=MzQxMTg3NjIyODA5NDI0MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQMEfPWsGZfey62K2Ddlzx7n9HFYYD4b2ppEctDOuR3zV-O0H6HR4qwFTNyfaF_wpAlMgnCK0IHoZaoio0IbFYM40KCMsZ-BV_HgGwPhe537y218C9Lp9wYGDloBrEnaqKlC32aGXI_fxk312xDLA&gdpr=&gdpr_consent=
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Tue, 24 Oct 2023 22:20:23 GMT

GET
H/1.1 200
OK ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame EDBC 11 B
218 B 177ms
81ms Image
text/html 35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESENN1E70OFX6fzrMLNZbSiV0&google_cver=1&google_push=AXcoOmT6e4x2ms48NSPbp2juybJeESrZJw_tZwEzuYpoIUhnAjaIhXyYABTRMdW1WazGEb9nojJN9O1VaG1mXzRgHrYTfqqEPN1qlYfdHMKwAmDv1vK58Wp7ikSFKaXUYI3OGm42yTlh5zQIHbfZrVkeWoo
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 22:20:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 11
Content-Type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EDBC 0
12 B 6ms
5ms Image
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1w6U1n1e2jJTvJwVNIuxR_9GmhPm3XNpakqA8qlJHfMhJWq1mETnIlPeIIVm42QDd1XCU

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 MatterIGTF-Regular.woff
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 37 KB
37 KB 5ms
5ms Font
font/woff 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/MatterIGTF-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3709f0b3c56713e100405243fa3a75a67b9de7421785828af916e5ba9f9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/adStyle.css
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 22:44:47 GMT
x-content-type-options: nosniff
age: 430536
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37648
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 22:44:47 GMT

GET
H3 200 MatterIGTF-Bold.woff
s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/ Frame 7602 37 KB
37 KB 9ms
9ms Font
font/woff 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/MatterIGTF-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b83e82fe2093787ba52a12613cacd40dc62b25d6ed99ee1c8bb1563282af528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3479513867711676416/728x90-Segmentation/adStyle.css
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:44:45 GMT
x-content-type-options: nosniff
age: 66938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38208
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:27:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 03:44:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5ABC 645 B
254 B 25ms
25ms Document
text/html 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiOkqQDEL3b0qQDGK6k5fQBMAE&v=APEucNWBP-DQ9APAkr2UwirfRdujBI_fmCUiswLTO20kYbQ398cTGxAiljQbXRJit-NrFH97k5AvXREp-0L_v6iUAmIiL12LGBPyXqqvkR1aEfuSUbaX3Ok

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EF13 111 KB
39 KB 20ms
18ms Script
text/javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Origin: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 03:05:09 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame EF13 7 KB
3 KB 18ms
17ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 04:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 04:55:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame EF13 23 KB
9 KB 17ms
17ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:33:21 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EF13 41 KB
14 KB 17ms
17ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 03:25:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame EF13 3 KB
1 KB 15ms
15ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 63B0 1 KB
643 B 17ms
16ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 68772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:14:11 GMT
etag: 48472445140208031
expires: Wed, 25 Oct 2023 03:14:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame EF13 20 KB
8 KB 17ms
17ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EF13 42 B
63 B 17ms
16ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CdcxOFCC3srTfLYmKt-Xaz8TvKxalDJc8XOTcxcR1AoOHGIG9Q54yBozY51ku9xnSeAWJLDs65mI_ZlmwVSBqaMrxUGNdkSayO3882V_1u3NapwVQ

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EF13 0
0 60ms
59ms Image
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQk8Jiei4p6IE4aMsRhVneFjIrnsKLqZ_1wQFFzD7CoRixkydfPKow5UV3EKeb-oW6iii_jo_99Ksok3b5xZHU3wBzKJA
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF13 187 KB
59 KB 17ms
17ms Script
text/javascript 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:23 GMT

GET
H3 200 nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js Show response
pagead2.googlesyndication.com/bg/ Frame FCE8 39 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 08:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Oct 2024 08:33:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E86A
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOrcy5ddgIx_LK16avFmufE&google_cver=1&google_push=AXcoOmQ19bTp4FmtUxJhfWKbvvjRploYEJYlfhfFVp_heiKc6Vai3CK...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7e0f706b44a31fb1&is_secure=true&networkId=14000&version=1&google_gid=CAESEOrcy5ddgIx_LK16avFmufE&google_cver=1&google_push=AXcoOmQ19bTp...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALP9sGfvdl1gN6Fx3AAAAAAAA&expiration=1698272423&google_cver=1&is_secure=true&google_gid=CAESEOrcy5ddgIx_LK16avFmu...

170 B
188 B

11ms
9ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALP9sGfvdl1gN6Fx3AAAAAAAA&expiration=1698272423&google_cver=1&is_secure=true&google_gid=CAESEOrcy5ddgIx_LK16avFmufE&google_push=AXcoOmQ19bTp4FmtUxJhfWKbvvjRploYEJYlfhfFVp_heiKc6Vai3CKflxO2zj6-09qPDtzqmTHtpguFYl2xpe7HikZVvDbMuyo

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALP9sGfvdl1gN6Fx3AAAAAAAA&expiration=1698272423&google_cver=1&is_secure=true&google_gid=CAESEOrcy5ddgIx_LK16avFmufE&google_push=AXcoOmQ19bTp4FmtUxJhfWKbvvjRploYEJYlfhfFVp_heiKc6Vai3CKflxO2zj6-09qPDtzqmTHtpguFYl2xpe7HikZVvDbMuyo
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E86A
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEK1TUXwtQ1uX7BLd_7OXzxk&google_cver=1&google_push=AXcoOmSD6PGAFDnWXsmk5ye5UmC1aR9BPFb93Vby5fHmxEPT4zgljObC1dfW_tnebLFAXrFropbzxd2tgKv-PwUpdbA2IClwDGE
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSD6PGAFDnWXsmk5ye5UmC1aR9BPFb93Vby5fHmxEPT4zgljObC1dfW_tnebLFAXrFropbzxd2tgKv-PwUpdbA2IClwDGE

170 B
188 B

12ms
11ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSD6PGAFDnWXsmk5ye5UmC1aR9BPFb93Vby5fHmxEPT4zgljObC1dfW_tnebLFAXrFropbzxd2tgKv-PwUpdbA2IClwDGE

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSD6PGAFDnWXsmk5ye5UmC1aR9BPFb93Vby5fHmxEPT4zgljObC1dfW_tnebLFAXrFropbzxd2tgKv-PwUpdbA2IClwDGE
Date: Tue, 24 Oct 2023 22:20:23 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync_before
tg.socdm.com/rtb/ Frame E86A 43 B
1 KB 81ms
78ms Image
image/gif 124.146.153.168
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESENaJQBwQJlphEWc43ZIJfUo&google_cver=1&google_push=AXcoOmQHszWm-mKKy_t9Zanpisb-TCtOwqWl5Kjh36EWYU8pwPMChLeP2WK-iS3TEqBOHU4u0qVogYqn8tINodefgWn1oLrM_kU
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.153.168 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 22:20:23 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google&sspid=google&google_gid=CAESENaJQBwQJlphEWc43ZIJfUo&google_cver=1&google_push=AXcoOmQHszWm-mKKy_t9Zanpisb-TCtOwqWl5Kjh36EWYU8pwPMChLeP2WK-iS3TEqBOHU4u0qVogYqn8tINodefgWn1oLrM_kU","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.238","key":"ZThDJsCo8YEAAI3TX3MAAAAA","privacy_sensitive":false,"uid":"ZThDJsCo8YEAAI3TX3MAAAAA","upstream_id":"m-ad40"}
X-SO-Key: ZThDJsCo8YEAAI3TX3MAAAAA
X-SO-Upstream-ID: m-ad40
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad40.dc4p.scaleout.jp
X-SO-UID: ZThDJsCo8YEAAI3TX3MAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 209.58.162.238
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 2
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E86A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBl2jyCgIKsH-FjImssRR38&google_cver=1&google_push=AXcoOmQCiUnB-AXb0AQPOpPjvZBCIYmit3umJDL2VVEOzCDF2JnXexEvCV6d94PQAVS6rcuz8NMkjqXa5bMPNqkT...
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=3b5a4c90e3&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=3b5a4c90e3&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

271ms
270ms

Image
image/gif

52.46.130.91

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=3b5a4c90e3&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

HTTP/1.1

Server

52.46.130.91 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 22:20:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PH484WKXFRT5GWDX649Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 22:20:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NFR9BVV1N0873P2ZTH81
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=3b5a4c90e3&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E86A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH8Ml1Yp-9tYMon5VtTdu6A&google_cver=1&google_push=AXcoOmR-7-jQ1WRUJ8lvxnk8qbB-0t9RDA2VWow1ti2PCeV_bzImHEKa1DQ0UQoHxXDD73rFp0tzPh-qx3lS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-7-jQ1WRUJ8lvxnk8qbB-0t9RDA2VWow1ti2PCeV_bzImHEKa1DQ0UQoHxXDD73rFp0tzPh-qx3lSmvDB1tKOktdZprM

170 B
188 B

13ms
13ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-7-jQ1WRUJ8lvxnk8qbB-0t9RDA2VWow1ti2PCeV_bzImHEKa1DQ0UQoHxXDD73rFp0tzPh-qx3lSmvDB1tKOktdZprM

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-7-jQ1WRUJ8lvxnk8qbB-0t9RDA2VWow1ti2PCeV_bzImHEKa1DQ0UQoHxXDD73rFp0tzPh-qx3lSmvDB1tKOktdZprM
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E86A
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEGv40Svr6T32jaXai69ts-o&google_cver=1&google_push=AXcoOmQXBAbaibdmPpF8x5K1xJe9W7QRv3iGJ0Rf-2-FGIhuCVtICP8lp...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQXBAbaibdmPpF8x5K1xJe9W7QRv3iGJ0Rf-2-FGIhuCVtICP8lpGhaOToC0VhWdo3y3u0d4JiC9C7IHcSCh8pJQxF9GDI&google_hm=QlMuNDdmMy01MmM4LTQ...

170 B
188 B

9ms
9ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQXBAbaibdmPpF8x5K1xJe9W7QRv3iGJ0Rf-2-FGIhuCVtICP8lpGhaOToC0VhWdo3y3u0d4JiC9C7IHcSCh8pJQxF9GDI&google_hm=QlMuNDdmMy01MmM4LTQ3YTctYjY1Yw==

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQXBAbaibdmPpF8x5K1xJe9W7QRv3iGJ0Rf-2-FGIhuCVtICP8lpGhaOToC0VhWdo3y3u0d4JiC9C7IHcSCh8pJQxF9GDI&google_hm=QlMuNDdmMy01MmM4LTQ3YTctYjY1Yw==
Date: Tue, 24 Oct 2023 22:20:23 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E86A
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEFLYugXIv7wtuBbIyYlH4zg&google_cver=1&google_push=AXcoOmRFccR2i7AAjziBL0bYqyUF2CBAsStgYN985ceQkyFPVukF3b3BQDYuIyiHCZ2...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRFccR2i7AAjziBL0bYqyUF2CBAsStgYN985ceQkyFPVukF3b3BQDYuIyiHCZ23oUsXp6zF2_DYlrmWiYX-q8r5LOKhRSNr

170 B
188 B

8ms
8ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRFccR2i7AAjziBL0bYqyUF2CBAsStgYN985ceQkyFPVukF3b3BQDYuIyiHCZ23oUsXp6zF2_DYlrmWiYX-q8r5LOKhRSNr

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 2cde97c.2e037e80
date: Tue, 24 Oct 2023 22:20:23 GMT
x-bytefaas-request-id: 2023102422202339B5DEA3ADF8AE0817F1
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-52-171-85.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time: 248,23.52.171.85
server-timing: cdn-cache; desc=MISS, edge; dur=250, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023102422202339B5DEA3ADF8AE0817F1
x-cache-remote: TCP_MISS from a23-55-171-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRFccR2i7AAjziBL0bYqyUF2CBAsStgYN985ceQkyFPVukF3b3BQDYuIyiHCZ23oUsXp6zF2_DYlrmWiYX-q8r5LOKhRSNr
x-bytefaas-execution-duration: 4.24
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 016579115c7dce97516b692b78951b7f9f5d3b1599dbc230316307fe91249fcbd81c0e020f35e4c3ed8c4ac7f3019b3cfd924ec3eea549a23d56fe299b36f4cca98770e4afe84faac4f325a32e1f44027a764d98a5211c8bcac621d8fdf0454ad29a7ba3971138566ecf056b9dad577fbb
x-origin-response-time: 9,23.55.171.75
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Tue, 24 Oct 2023 22:20:23 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E86A 0
12 B 10ms
7ms Image
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kvs1msFMrGMueIxp-PtOEfNF_qHfHuC0TBTuMGVyew6LxYGEPe568cQbLjpIQe9XCv4pkY3y4

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 impressionTrackerOandaIABTCF20.js Show response
a.svtrd.com/media/s/1371/1/ Frame 120C 2 KB
2 KB 6ms
5ms Script
application/javascript 13.33.88.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.svtrd.com/media/s/1371/1/impressionTrackerOandaIABTCF20.js?adID=566504804&advertiserID=8939372&campaignID=25601289&creativeID=198329165&placementID=298616307

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.88.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-88-9.sin2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5bcebd2ecd1d1dda57aeb2173c4221bcd69cc0a722ee2136269553f9e98cc433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: n3pvyfi5JkIlvVIaALnmqOoEVt1o140V
content-encoding: gzip
via: 1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
date: Mon, 23 Oct 2023 23:42:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SIN2-P2
age: 81477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 05 Aug 2020 12:46:05 GMT
server: AmazonS3
etag: W/"b773a034d0bbd2aac615ce793952d1fc"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: hI3RwVKrkRnnGkYpBb7cgzhmGFl6n93evmzXIEFt-UWnbBPBWxDrhA==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2637942969135582680/ Frame 9C2C 85 KB
21 KB 15ms
8ms Document
text/html 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa1c992457107007e11904935f623c5afe5fda6147592b4fd6d97074337a7fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21152
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 23:03:20 GMT
expires: Tue, 22 Oct 2024 23:03:20 GMT
last-modified: Mon, 11 Sep 2023 13:49:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 120C 0
0 22ms
17ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNxFQGZp9nj4m9hT867lZTDukvoE3J8imF4QabU5PNIIUujQrNgc_BrrWNcXJ8o5P5B03OxMP1fYVOJ2zGar2O-Xr7jLpeqT6Xbj56HesLsFGFFsXZkZwR1Pn2937ypHLQAdExDGIVnI1Gc952wg5KlvaBJHPOKn_RcfRwrTw5OSlpIpjPogFUo1dk5Vg3FUCx9L_CaWqpTcMC0SGC6jsvbqtcX9IeKhhk4b3fWWio67xpm3B16Chq7SkAacr3TnYvSE3Q_0_TiMicQxDptRoAcwMOSh6IIzGFtIfviUbx3lPR0HrbJun2Uypm5xnzBSQ2ooMcthsUDgzWsZL_TaNYE8LoPOX7CrxIVmujq5bLGzO6em4r00m_xasJLvvUsG5WmkTccLSz3hftX9M93-UqRJXvo_fe-zK72zw1wdypWa2rgIyS01FABSLyiIxB3RGrTfXfYJMIyhFB8fKEbaeYqn4_crJI9fyWD-AS7QF6g_oTjn9a7F7u49qrVLp5ZLzGU0KmL7mAf0VfDBnKzLh7ZJR5elearkxeat3pSkzXZEGkzPCgrnwaBRksg_520Zz6wxN97sYOBvBQuMYXckYRoOQFSLgUztJLVxxD6AZuKvMVw9R3gJluTzNRMwEn37KAa55ytWzY9QHej4HqucWiSSIqc19Q8_4pPoT8jl7UQfQ-wiw8kg1sU1drEMqGjHWaVp-JQZA9I39x48vFcyfPa-o3eAeb9sqD1ufqyXNc7yAM0g7Ync5fHKUavK_EiguAV4YKRbhz587_KJZUsgWif06sFIl5qzyZ6Hbqs5xQTeukEwhExCvUbP7f7xgAL7UogBsuUgL_K9YjYu_c75SDdoshTgmTBOpTYNVnWh0DxNv2Jwc7C2pW1MBqTEzFL6vPP0SmDRZlHod9sjHFu2x4bg-e6zOl5VxY5G0cAWmu-ybhyxUUM0pqvKwQ5lRMGtnwURQQDJ6nod9o9u5XtKGpWYWZHPGRJW5ba77eeznsqrJfX7Oug-hLORycSDl_zHXUg1oFkdFRAJCN6t-ylKW6wta-pgVKqgIDaKAY55AHaj5levDdb66-iRI8Gm2UEwnuMeBb5p3LbHnxox3v80zmHezP-pfA__8rXtr_xRULJypq7Y-PlHRN5YU9l1V5hXkzUaB5hu4ekbIzdnJt_hvIKBhgZcv75nAu-BRMyX3_PEZqzS_NhEhRNF8pDK83Sx3MczCPOY0pjtuiBydi2o1Q103sB1t6i_NjkLRL9WYnSdfAKA0U4fB1XFvwhGVbb77O2Rih_rlDqSOJgHVd5gjlSzOZETQnWo1VpNgf28t6ts0kNM7xUnuklsvfmpXAZpJCGgabFe20NpJ1PPK6nn0eYSReFEPlWMFb7aJ31e_Vb9wT2y64AjuhmCM2HyzvFGN3M5ur7wmR4mVQzT6A&sai=AMfl-YRj9A9MvGO4YY46KnGJCpNExjtspQfMOts9FPKGwVdlK0g0vkaNjUtMMeOZaPNAlaEZuXuO9faeA1ktJPxZM5EgZKafwXGW7RF7figDrpK8aJVTOJt3IRXoa7-cMfiA_RzPXx0KVcrNmFBmNKwX4QDJGX92_L6RZRutIVCmrWpKCRk9rxvi6w882k4yBbxZHObCrFuUl5JEjWFSaxHs2T3fQBOB93S-vcoFzu9Nx346t1ah_vVfjTo1fz49NDcoBSJ4315abwv7asAp3UQpXfKqxrVsVC8jmPBJTWwaXyc-gwXkmHsteaXgn0hk4moTGBrrqaX4s34NM_LsW9BqNlosvx3ZdFWtmFGgHt39bHmwUL7zQzFmHZ_Hcz2oIL3BF8mQD-BIrc1LcKXs7t4hda3pxZT0f10a3az7axdVRkRM0IiC8g&sig=Cg0ArKJSzEKPptz2xzUVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=240&cbvp=1&cstd=238&cisv=r20231023.71138&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5ABC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&gdpr=0

43 B
732 B

18ms
17ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiOkqQDEL3b0qQDGK6k5fQBMAE&v=APEucNWBP-DQ9APAkr2UwirfRdujBI_fmCUiswLTO20kYbQ398cTGxAiljQbXRJit-NrFH97k5AvXREp-0L_v6iUAmIiL12LGBPyXqqvkR1aEfuSUbaX3Ok
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmvbG9D1yUeFUCu0xGJ8jZL33JW1aBVcwelw%2BGBAwguvOsSmqAJJNBW%2FrePStVMzRXR3Fi5bf099NiDti6kATnj8OFqOAJR3KjjBuz4erXLYCloXwuTQKZE3fmbu5gaO5sIdTcolXivUSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b55992b5fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5ABC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&google_hm=2

43 B
737 B

20ms
20ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiOkqQDEL3b0qQDGK6k5fQBMAE&v=APEucNWBP-DQ9APAkr2UwirfRdujBI_fmCUiswLTO20kYbQ398cTGxAiljQbXRJit-NrFH97k5AvXREp-0L_v6iUAmIiL12LGBPyXqqvkR1aEfuSUbaX3Ok
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZTzSMX%2Bk5%2BEnTMdrQh6ewyKASohiopP4ArQH4CPMV9%2BMHgc%2BJyo3AQBjX2no8gceVWQYkYMBIcVo3SRd2aNkvz58wlfu09MZGgk%2Fl2aeWv7TDfYsmLxkb63UdNQ4iD0P0H5X9%2BMgeVnYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b55f96c5fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFKvRLGYmsDbuAtGwRY6E8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5ABC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENf0TJnCtnhjqhX30ymTPMI&google_cver=1

43 B
842 B

4ms
3ms

Image
image/gif

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENf0TJnCtnhjqhX30ymTPMI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiOkqQDEL3b0qQDGK6k5fQBMAE&v=APEucNWBP-DQ9APAkr2UwirfRdujBI_fmCUiswLTO20kYbQ398cTGxAiljQbXRJit-NrFH97k5AvXREp-0L_v6iUAmIiL12LGBPyXqqvkR1aEfuSUbaX3Ok

Protocol

Server

103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
an-x-request-uuid: 13d06be5-63d4-44b4-849e-85177ce1028f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENf0TJnCtnhjqhX30ymTPMI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5ABC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

170 B
188 B

8ms
7ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Requested by

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
an-x-request-uuid: a22701f7-a6bd-4dde-a928-2741ba7e8925
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9C2C 6 KB
848 B 12ms
9ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:regular|Open+Sans:regular,700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad60276cb96056307cf944cdc9bcd28099a8a083666507f083a8019edbfb6cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:28:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Oct 2023 22:20:23 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 9C2C 32 KB
11 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 11:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 11:54:25 GMT

GET
DATA 200
OK truncated
/ Frame 120C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c695ffb7740590277fbaf455c808660037e502860b79df59f446bca98960563

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 766B 38 KB
13 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 68090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:25:33 GMT
expires: Wed, 23 Oct 2024 03:25:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30DF 42 B
64 B 17ms
17ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRn1Ca1yBH6dGd_3DhhQdys0f982Vyb2qHYQ4ci7DSzLKgt4De4pEDPtJMCegHt-jZajh1kM_E7Ub9VVEbDvgc-f8167mhC2RrYhXfhvlZMhYqgm82R14dtZKJWJTF0Fsy9XquOAaNOQ&sai=AMfl-YQTGg7LmfMXslOooKbHwJA9n6E8qYHe-nqp-Ed6p5KA3i0GTx-SyYjcVvP3AzbJSYZkahixvkGXAWMdl9J6Tgl1G2j-h8mJskfEz5v6AIKr0qZDXGc5qJLs6ss&sig=Cg0ArKJSzJV0yfspyw46EAE&cid=CAQSOwDICaaNmLUhtq4uQUb6Gu_ZBwbwUFmeURhCos-NtjoF5b8kHcMmIEFJDwFexe-zuS0ccpgrCvRZ0xfRGAE&id=lidar2&mcvt=1091&p=200,436,290,1164&mtos=1091,1091,1091,1091,1091&tos=1091,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=607353797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698186022017&rpt=252&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 18F9 38 KB
15 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15035
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:13:12 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EF13 0
0 18ms
17ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvi0KLgZhZTF3TbrZTKw9nW_nJ4PdTbEWwW4B8lhEOoctd_Mb4hV8lH4FSr6ifRx-3nUwq7kSF_lAbMpi2GWNzFbBBDp-36UOFaoVmJJodpIsGYsMrbeW99hWjVZrgPua0q0UGANaOhkxe-cR2fUhDgbh1VhqbuIwZMfsGwKWVb3s5EHupsr_1zxyRsddklyDZY-7L6uUhtVBse294dmvMrwfVgzdheVqGk6Hn7JmuFD97HxOKoFlWus4yhSqQBFtc7affMHhvJklj2wbMcxaO7zRELFByvV2nPxSIjw-zgl1I64cyUuMsx_gTR6vHGKV-7CerIMwKewYfvcylEgkQciuBNHybvINfIZKBSXzkmRFFgYRlKpF86_hsCkGwOyaXSFESTrrHxpqBVINtfmmiBPeVNqZftJO38Sttc8VMeHct77NTdAqCwbDEaqb7FiUL6qt3HGwdsrmwIlWb09EIxxXrZAy-lBt5KY0QEuvF2JrP-AMqQL0WrzuSaDVY11gfxUEweoezX6Xh-L_bCNkPYTon4nAJasxf28OMxaqa2E_V4nCDHw8vqsPNnelgn682x4TYzsX899AZbe-icDLgLCdErECOWAx_2MRUuJkiHWoxKK_PnK2Qx06hdA9_xDg2CwpyewM5Ayti-6pRvPYbbBUHv1gQVLvnqTCKnHMaPviAgkeDwg8eY7NZdRF4Nrmp7OJW0bJI3CbifuV7cAKxNdqAVxwTm4dfCwZgRg_rX45OxMiRxMFIfTJHfA2ZDC9qospc5VoyeoJDa-iO7SX4-ukoIV8GLbjPrMy-cdcbn6bz3ycteXkmMeZ80RtvoZAowjFK02JNbyrXI0-C-8g_cMjW_OYQtwukZLZEb2DiaTmgRWhCeh8tpfAQ22XE6T2AhmhH0ULwWEdtaoGA1tthdK7oS_y6sQTA3BhbPMchgb_iLMDoUE2ysMSaxzzPZgiyIKTwae97bYWR1f3tGxDSCMVvEsklv1UBxvQTgmeEWWkDjTZ3p0hA4CMNlbmHTbEqE7DyB2LFhPSOh6AZzbUTsmjR0U82ApNwBAN1l-XKZcUC15HQ2MSKQSM_LkCcoi3bEMhgsAaDX9KrcUXhRaDlBSrKhh-iLySS8Sgajl1OJK5ALoZ6N5hsSw_9rS9Xah18kyeel2QZ5oft2Etq2b-U26pUv5zZyMRuywTQIWcklB4fQTXpmT-Szf1DgzigtofiZrocIhESpQUI3a4n54HsCzHZADxeXuBnd69ybU-u0b_W0xLvcr3CNSZhmnU2i7kIMqwt_UZoDLdnsootr04HGmF1BAV57AEKFD8QCEfqTAYPAeINd3G0NFdWiiEpiC2sY5TXO505uXAjRrSS-XAOBg86AuQ0_7Lvpu1gNT0bw-qcqvAs81WIr0rCWge4BZioMZGPlTvDVN9ThwaQA7lSi9lE9Jr4s7F2RXPog&sai=AMfl-YQyQIuxjWaDhnpQ47k7jYyb4x6yJdkLDGCog0fBVtvqtdDh7Neoc8GvewVAXvBZh-pEeekQd20kq2EBatRnx4Lp1_F1VS7_UczLHkdOExAV9E9EF2ayM9ilrJaIoU2hUeBBRgtHoCKgjpiLLqgApO0-0fCphJGhuKFtZgxZJl9xUNu5izP-UYjbeESeLohPNyNMmZfJQFmRrLGn72LjyvJNfc7aObr1ywlO_D0qglh0OF_64KZw5N9q90hKxUhaHtSCxxazFtQZDY0L16sx6cKU12UmQObQK0ft6h3ZxHK8DUQ8DW_wB3MQcKH8-0Vn86lpi71sCUI4L1AbsITLkGqMTpNw1_Rs_q6mQHovbOtRcI1_T_SORcgcuKvBlMVVJh7KuOYJ4EKfSNIoruL6TRF4&sig=Cg0ArKJSzACaP45-c8meEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=229&cbvp=1&cisv=r20231023.39465&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 13111131181960470188
s0.2mdn.net/simgad/ Frame EF13 19 KB
19 KB 6ms
5ms Image
image/jpeg 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13111131181960470188

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd8cb8587e7da20f2817124ee9dddeddb9ba82cf62caa1e442f14ef975ddf15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:09:15 GMT
x-content-type-options: nosniff
age: 105068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19795
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 02:10:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Oct 2024 17:09:15 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 63B0
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHQUo7xmSL7LgCCplflLRPc&google_cver=1&google_push=AXcoOmQD1KSPSK-SknDMeQOanJAbjgpFhSIir4JMU-yF4RI86pvaMWO38gj33i-FwDXGH6fgq6yumVf3F8Ccm2_pRtz669urXJShs...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1NjUxMjIyMzQzOTAwNjM1Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAIE0y1_hiegC6dtoyMJ1K0&google_cver=1

43 B
398 B

464ms
34ms

Image
image/gif

2001:df2:a300:bbbb::135

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAIE0y1_hiegC6dtoyMJ1K0&google_cver=1
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H2
Server: 2001:df2:a300:bbbb::135 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAIE0y1_hiegC6dtoyMJ1K0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63B0
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKijhhSTR8Td0RnrHuT2y8c&google_cver=1&google_push=AXcoOmTLifcSNu3gIT6mjkptY1sRS8RfO44_JQPxgREJRe41DtlLzKmtAxMpJ1hW8ILv7waBxv1I5eA_9ZkgDxc4T86lkWh0E0GH0p...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FBBF24503E4D4589B2612C2E2E194786&google_push=AXcoOmTLifcSNu3gIT6mjkptY1sRS8RfO44_JQPxgREJRe41DtlLzKmtAxMpJ1hW8ILv7waBxv1I5eA_9ZkgDxc...

170 B
188 B

11ms
11ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FBBF24503E4D4589B2612C2E2E194786&google_push=AXcoOmTLifcSNu3gIT6mjkptY1sRS8RfO44_JQPxgREJRe41DtlLzKmtAxMpJ1hW8ILv7waBxv1I5eA_9ZkgDxc4T86lkWh0E0GH0p2Z7nw9SlWzdwd0Fr7LTqppY95XWDJqnh-EQ_POqwlX9EtjCm1Pa0M

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Oct 2023 22:20:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FBBF24503E4D4589B2612C2E2E194786&google_push=AXcoOmTLifcSNu3gIT6mjkptY1sRS8RfO44_JQPxgREJRe41DtlLzKmtAxMpJ1hW8ILv7waBxv1I5eA_9ZkgDxc4T86lkWh0E0GH0p2Z7nw9SlWzdwd0Fr7LTqppY95XWDJqnh-EQ_POqwlX9EtjCm1Pa0M
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 23 Oct 2023 22:20:23 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63B0
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEAOdqg0uaBicQex62cn6Si4&google_cver=1&google_push=AXcoOmQ3QrZQJPiAnbu_Dxq9fNob-QPrd1cUuQ_Y5zxtXvbGQuFi8lKZB-5RjQN62cdPJW2qClxuuqjn0qL-ziIxPF145LrnUhwF4boH1...
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQ3QrZQJPiAnbu_Dxq9fNob-QPrd1cUuQ_Y5zxtXvbGQuFi8lKZB-5RjQN62cdPJW2qClxuuqjn0qL-ziIxPF145LrnUhwF4boH1MKtRxWmoCGmg8YwWIPFXASZTcYEEg...

170 B
188 B

11ms
11ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQ3QrZQJPiAnbu_Dxq9fNob-QPrd1cUuQ_Y5zxtXvbGQuFi8lKZB-5RjQN62cdPJW2qClxuuqjn0qL-ziIxPF145LrnUhwF4boH1MKtRxWmoCGmg8YwWIPFXASZTcYEEgSTOcxP26_LogS896nob68&google_hm=NTcwTUtOMDBkQkRITjAwNm9oMVM

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Tue, 24 Oct 2023 22:20:23 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQ3QrZQJPiAnbu_Dxq9fNob-QPrd1cUuQ_Y5zxtXvbGQuFi8lKZB-5RjQN62cdPJW2qClxuuqjn0qL-ziIxPF145LrnUhwF4boH1MKtRxWmoCGmg8YwWIPFXASZTcYEEgSTOcxP26_LogS896nob68&google_hm=NTcwTUtOMDBkQkRITjAwNm9oMVM
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63B0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENzLTVHzeszufgdsO0tpGjA&google_cver=1&google_push=AXcoOmQswF0IAY7-C57KZk25GUZ8s9b3cm-vEP3P7LNLuIm2HM-m4xQ-kUWq6x0RYDn440toO9gqMI6klPgI09w...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmQswF0IAY7-C57KZk25GUZ8s9b3cm-vEP3P7LNLuIm2HM-m4xQ-kUWq6x0RYDn440toO9gqMI6klPgI09...

170 B
188 B

8ms
7ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmQswF0IAY7-C57KZk25GUZ8s9b3cm-vEP3P7LNLuIm2HM-m4xQ-kUWq6x0RYDn440toO9gqMI6klPgI09w5X8_DJzqKuMPFKCf-pLghArZlgJNfLwEIvVSSXz3xI7O43LCHLbkx_8EKEbNNPpvk9R4

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmQswF0IAY7-C57KZk25GUZ8s9b3cm-vEP3P7LNLuIm2HM-m4xQ-kUWq6x0RYDn440toO9gqMI6klPgI09w5X8_DJzqKuMPFKCf-pLghArZlgJNfLwEIvVSSXz3xI7O43LCHLbkx_8EKEbNNPpvk9R4
Date: Tue, 24 Oct 2023 22:20:24 GMT
Connection: keep-alive
Content-Length: 297
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63B0
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEucHrWBzW-XAKnQSq8awjI&google_cver=1&google_push=AXcoOmSXhsrY4Mcym6ZgRXg9GzAbTC403oENXKRB0_M7_r1KWPjhAZtrlbIVnhMW9eAycb6GiOH9jQqCVzfNhT8hodRlyfDf9h...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3NTgyMzM5ODUzNzk0MjUxMTc2&google_push=AXcoOmSXhsrY4Mcym6ZgRXg9GzAbTC403oENXKRB0_M7_r1KWPjhAZtrlbIVnhMW...

170 B
188 B

12ms
12ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3NTgyMzM5ODUzNzk0MjUxMTc2&google_push=AXcoOmSXhsrY4Mcym6ZgRXg9GzAbTC403oENXKRB0_M7_r1KWPjhAZtrlbIVnhMW9eAycb6GiOH9jQqCVzfNhT8hodRlyfDf9hkglaBRWS2JywDJTvwk6CKkXhYj8Vqikni6J4VcPlSZbUhIBmW8qw05g1c

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3NTgyMzM5ODUzNzk0MjUxMTc2&google_push=AXcoOmSXhsrY4Mcym6ZgRXg9GzAbTC403oENXKRB0_M7_r1KWPjhAZtrlbIVnhMW9eAycb6GiOH9jQqCVzfNhT8hodRlyfDf9hkglaBRWS2JywDJTvwk6CKkXhYj8Vqikni6J4VcPlSZbUhIBmW8qw05g1c
date: Tue, 24 Oct 2023 22:20:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63B0
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEIBwgATDME0t5iWm71QxiBE&google_cver=1&google_push=AXcoOmQxRjqI4-eu5wIIWPF72WeQaIwiLdTD7YLFPQKshCCIWnA3H9uocdrGWycFXAGR350arbooC...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEIBwgATDME0t5iWm71QxiBE&google_push=AXcoOmQxRjqI4-eu5wIIWPF72WeQaIwiLdTD7YLFPQKshCCIWnA3H9uocdrGWycFXAGR350arbooC...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQxRjqI4-eu5wIIWPF72WeQaIwiLdTD7YLFPQKshCCIWnA3H9uocdrGWycFXAGR350arbooCRW7PMkLjh9r_TB16odkcmRRkP2BBdpn9GNxinzaDcndaMigz89...

170 B
188 B

10ms
9ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQxRjqI4-eu5wIIWPF72WeQaIwiLdTD7YLFPQKshCCIWnA3H9uocdrGWycFXAGR350arbooCRW7PMkLjh9r_TB16odkcmRRkP2BBdpn9GNxinzaDcndaMigz89WQy-wHYRDokJR-QvJxzNxOU_g_4nM&google_hm=azY5YWlxN185UkFTYmJkUFFUamQ=

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 22:20:24 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQxRjqI4-eu5wIIWPF72WeQaIwiLdTD7YLFPQKshCCIWnA3H9uocdrGWycFXAGR350arbooCRW7PMkLjh9r_TB16odkcmRRkP2BBdpn9GNxinzaDcndaMigz89WQy-wHYRDokJR-QvJxzNxOU_g_4nM&google_hm=azY5YWlxN185UkFTYmJkUFFUamQ=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 296
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63B0
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c2e7481e-9af7-4f04-a5c4-e5d1b45ecb2f&google_cver=1&google_gid=CAESEE85XMoQfnb2TEgJ_NImPXg&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

7ms
7ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c2e7481e-9af7-4f04-a5c4-e5d1b45ecb2f&google_cver=1&google_gid=CAESEE85XMoQfnb2TEgJ_NImPXg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQB7Kr00hl2jQncMVF7noQp_KWEJyFiBe6Ce-xbDXIXaek9Xsvz17PA_edFIZ5kUK78rgYrvjcAt3nOrbKfHrvNwtwdG4qpGHSeA6K5ZeJrtfeYfmcmWsETKWDovTaFPsxbNgtmp2-y8wmjRZhfNyw&gdpr=${GDPR}

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c2e7481e-9af7-4f04-a5c4-e5d1b45ecb2f&google_cver=1&google_gid=CAESEE85XMoQfnb2TEgJ_NImPXg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQB7Kr00hl2jQncMVF7noQp_KWEJyFiBe6Ce-xbDXIXaek9Xsvz17PA_edFIZ5kUK78rgYrvjcAt3nOrbKfHrvNwtwdG4qpGHSeA6K5ZeJrtfeYfmcmWsETKWDovTaFPsxbNgtmp2-y8wmjRZhfNyw&gdpr=${GDPR}
date: Tue, 24 Oct 2023 22:20:23 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 63B0 0
12 B 7ms
6ms Image
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBxH041t6BW0_XavsWEm7vYhiJlz8sCUeBEwEiZpyCFV_9wlEv-Xx94ICGGiwsblRoCgXNHZ8

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 bg_scroll.png
s0.2mdn.net/sadbundle/17171398766395992679/728x90/images/ Frame 475D 301 KB
301 KB 6ms
5ms Image
image/png 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/images/bg_scroll.png

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2137403e7d08fd8ee0532f68190543e3168e975c74e401c0b0811040b1240c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:23:19 GMT
x-content-type-options: nosniff
age: 471424
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 308199
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 03:47:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 11:23:19 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0925 0
0 14ms
13ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsscuP2_yZElK6hUXjjhQJ1M6DS6Re0f1s1rthY2f15_FTlXXvHNim6ynIIHYnXJPwKAz2LqExSGZl1aQ2RkBYh6Kut7HdoF0VkSWDmOfASDNzd6rNyvUv1qJU-7sqtNPVfoYnq35us2jZAkMZ5gu3RfVwC_v-1pKcn78FB7pTsau9nhnGlagILVmMGromrl9czt2JlhT2pokhtVDdOk4k0vSmZSzupDCLdUSmpbRxCaTthloaTsoX2PVS47OmgJRl3mU6Djms4p0Rxtd3EgjlS6zh0FKdFKBlBWZbnKeE3jselwLyrHGPXAYq3nW1PjpNRFTNVTXHCT3bIY2wL4aJpSd8KUzky-gCr6qf0H8glNQICMEt7wXyYWWXoZcU0I9acw7W23E8EgMH8reRlBKyWu88SOc1vEjziE9iRfUZEWxJbuf60_W3TTpuXm0jqxlmt1eueFbq_yJnmwbw3jMSCN_l560EU6wUl6UMdoEXwjQg4hx4yisPcXCdi3O_EZedbJuutFOnD80h84ljR6OJLNO8lhu9ZysJybgr-46_2dV64Ksq5TwdbYyMR59Zzby2cp2Lo2jkYSQiSRx6AnIh3obISFn6poaBkcQqxd9DR4QSK6Eihsl8c2P1YJQGvUzW-1URoETj7ZGdVYn81hQkJlskW6njf2pLDEZZWFniTaaa9JE2YLyysoibGgMM3lUktO3wVNLkQeYI6sYS6dQ98lPlJigaqZVq2eLVE5mZh5YQ7mk4MZmitInpvOnMdOf25kaRd-ULd78oXofxSUXIn7M1GslbWNx0xGxMDiu9IgD6BbU8CGjQKXaE_32l7dhTtcmprKybGbBOOFnTqvE2OnkUhqB2_MsBazYR-5_xM-ZodR9LOppWhvKUNEkq0f7tcoao103aGSr2FDCgJKAwZtuWjqg3gh7N_XbDwSVXHN9lbft3JUlhN788MxzqnK4NOeVXbEY1bogrwo3YLDa37vzHATEleQPimTbBa1SNDSaQmJUdzG9UCRmF0CbT22mE99ISH38NJ55weSevo2L48zHIPUeO5cvLzJQUNY7qZ8lsD9sdfKAM6hmkbZ2AWb59yb1WWj-Jo3DsIA-4yM-JVkt-27pSbVGK5BuUUQJsTJ4Py7nOgymZvTrG2CdBDfOi0RfLYhVzDPEsLlfztRRKOtjLumf0x391JxjHdnKOW--eDpiZ8Ny0loM3mLdpg-tOfytn_pQhbKBlQHbEDFEYJ0I3AdFOih23N6g5VitTEWFQZ2gROVgOCC0TSpEy_kBx6x6K0MN34x-iOevXoRFvkBLY04YNbcT2hP49TmHn8tW-Ksca-znK8SqAUfega-gnIyfIZi8itpy7UpEF-GiSa-&sai=AMfl-YQctNb8wLSb6SkAV6LDl5Omya_RGVj7ivbi_ghZbSmwINmtmrcYauIhKEPvnUhhUsAg20pSe8wvpawdGbmi3q59ny_46gK3LI622koowLeyDICxLwhaySSPvxivfAYWFJEy7a9MKRmkYVU0yMIK8EeKAxyEX51-IhPYwHyfBUY8W7V9EwcjsvmQI7YGWSOeIYUT1NTjCU4Pxu6_XgheKlLdrTtekP7SbUDwxAiPhKdDkEfEiKIqNsPj1-Qlli8_MkOaBkCHn6nkxhYMxUDPf94rhf93IaQa_bRgfB_xs1Vpz9CaOTB9GY_OzbCdGEgOGJ3HTI3B5PtV1ZJ3-d0h9viF7qXYfjo1wKWFxjhAA3aSHBzagQHpmwNEAWTY453guLWZLbtJAcZpwuE1LdNL7cTP&sig=Cg0ArKJSzFaCelkifE9AEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=786&vt=11&dtpt=504&dett=3&cstd=278&cisv=r20231023.09459&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C1A9 38 KB
13 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 68090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:25:33 GMT
expires: Wed, 23 Oct 2024 03:25:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EF13 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3bd57d74369b22cbf2366579a35afc8faa67d5a4a6a7685c721e91488338b82

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 booknow_but.png
s0.2mdn.net/sadbundle/17171398766395992679/728x90/images/ Frame 475D 6 KB
6 KB 5ms
5ms Image
image/png 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/images/booknow_but.png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fba972760b3e7ab3499c4778136dce95b2be1a260067c324734fd5f9c3c1776a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:31:45 GMT
x-content-type-options: nosniff
age: 470918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6319
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 03:47:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 11:31:45 GMT

GET
H3 200 _ad.jsp Show response
fundingchoicesmessages.google.com/f/AGSKWxXFRvwrjAhcoxF-Z1vLoTcPA_StHRshLZ4Yevj-JZ1xuzzhqNr1BCmpf8z8U5u8pWtzIteC0oFS81mXbH_ZcA6Hi-1Sm_k4Cy-PE9K2ZzDAQnc6SHPwcPFus0ZAOjYHFCUNvoDHkKZAS8xP1iiiKmPd88z8m... 54 B
107 B 22ms
21ms Script
application/javascript 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXFRvwrjAhcoxF-Z1vLoTcPA_StHRshLZ4Yevj-JZ1xuzzhqNr1BCmpf8z8U5u8pWtzIteC0oFS81mXbH_ZcA6Hi-1Sm_k4Cy-PE9K2ZzDAQnc6SHPwcPFus0ZAOjYHFCUNvoDHkKZAS8xP1iiiKmPd88z8mpHEiIwNyhw2eOmkyl9hUVUPq04X4wLQ/_/adv/lrec__ads_v8..uk/adv/_ad.jsp?/inc_ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.7gYXXyZmrvs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzV6yyc8q3nVYHt7_LFj_uFUv5ZVw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6daa6fdaf9ece1a298fe8cc59b2e5055dd5c284dda37c833802e3c904c5ff28b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MF9H1Pr0x9PLFtB_pdJEMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-MF9H1Pr0x9PLFtB_pdJEMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 17ms
16ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad4388879dc14402b2fe0f8165aa5d35774b6530ab80a265edd3291f6716674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51014
x-xss-protection: 0
server: cafe
etag: 8632460031471370860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:23 GMT

POST
H3 204 AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 23ms
23ms XHR
text/html 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EjSXe8iPGVeWl-pQGVl4HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-EjSXe8iPGVeWl-pQGVl4HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dulichkhanhhoa.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 9C2C 47 KB
48 KB 25ms
4ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:regular|Open+Sans:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:14:50 GMT
x-content-type-options: nosniff
age: 471933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 11:14:50 GMT

GET
H3 200 image3.png
s0.2mdn.net/sadbundle/17171398766395992679/728x90/images/ Frame 475D 34 KB
34 KB 5ms
5ms Image
image/png 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/images/image3.png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0611ff24713e9c7b9a28db7d4728673e7b64f3d0888a15ac57b4158a16d1aecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17171398766395992679/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:05:06 GMT
x-content-type-options: nosniff
age: 342917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35006
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 03:47:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Oct 2024 23:05:06 GMT

GET
H3 200 8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 766B 38 KB
15 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15035
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:13:12 GMT

GET
H3 200 container.html Show response
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7CAC 6 KB
3 KB 8ms
7ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:21 GMT
expires: Wed, 23 Oct 2024 22:20:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EF13 0
0 10ms
9ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvi0KLgZhZTF3TbrZTKw9nW_nJ4PdTbEWwW4B8lhEOoctd_Mb4hV8lH4FSr6ifRx-3nUwq7kSF_lAbMpi2GWNzFbBBDp-36UOFaoVmJJodpIsGYsMrbeW99hWjVZrgPua0q0UGANaOhkxe-cR2fUhDgbh1VhqbuIwZMfsGwKWVb3s5EHupsr_1zxyRsddklyDZY-7L6uUhtVBse294dmvMrwfVgzdheVqGk6Hn7JmuFD97HxOKoFlWus4yhSqQBFtc7affMHhvJklj2wbMcxaO7zRELFByvV2nPxSIjw-zgl1I64cyUuMsx_gTR6vHGKV-7CerIMwKewYfvcylEgkQciuBNHybvINfIZKBSXzkmRFFgYRlKpF86_hsCkGwOyaXSFESTrrHxpqBVINtfmmiBPeVNqZftJO38Sttc8VMeHct77NTdAqCwbDEaqb7FiUL6qt3HGwdsrmwIlWb09EIxxXrZAy-lBt5KY0QEuvF2JrP-AMqQL0WrzuSaDVY11gfxUEweoezX6Xh-L_bCNkPYTon4nAJasxf28OMxaqa2E_V4nCDHw8vqsPNnelgn682x4TYzsX899AZbe-icDLgLCdErECOWAx_2MRUuJkiHWoxKK_PnK2Qx06hdA9_xDg2CwpyewM5Ayti-6pRvPYbbBUHv1gQVLvnqTCKnHMaPviAgkeDwg8eY7NZdRF4Nrmp7OJW0bJI3CbifuV7cAKxNdqAVxwTm4dfCwZgRg_rX45OxMiRxMFIfTJHfA2ZDC9qospc5VoyeoJDa-iO7SX4-ukoIV8GLbjPrMy-cdcbn6bz3ycteXkmMeZ80RtvoZAowjFK02JNbyrXI0-C-8g_cMjW_OYQtwukZLZEb2DiaTmgRWhCeh8tpfAQ22XE6T2AhmhH0ULwWEdtaoGA1tthdK7oS_y6sQTA3BhbPMchgb_iLMDoUE2ysMSaxzzPZgiyIKTwae97bYWR1f3tGxDSCMVvEsklv1UBxvQTgmeEWWkDjTZ3p0hA4CMNlbmHTbEqE7DyB2LFhPSOh6AZzbUTsmjR0U82ApNwBAN1l-XKZcUC15HQ2MSKQSM_LkCcoi3bEMhgsAaDX9KrcUXhRaDlBSrKhh-iLySS8Sgajl1OJK5ALoZ6N5hsSw_9rS9Xah18kyeel2QZ5oft2Etq2b-U26pUv5zZyMRuywTQIWcklB4fQTXpmT-Szf1DgzigtofiZrocIhESpQUI3a4n54HsCzHZADxeXuBnd69ybU-u0b_W0xLvcr3CNSZhmnU2i7kIMqwt_UZoDLdnsootr04HGmF1BAV57AEKFD8QCEfqTAYPAeINd3G0NFdWiiEpiC2sY5TXO505uXAjRrSS-XAOBg86AuQ0_7Lvpu1gNT0bw-qcqvAs81WIr0rCWge4BZioMZGPlTvDVN9ThwaQA7lSi9lE9Jr4s7F2RXPog&sai=AMfl-YQyQIuxjWaDhnpQ47k7jYyb4x6yJdkLDGCog0fBVtvqtdDh7Neoc8GvewVAXvBZh-pEeekQd20kq2EBatRnx4Lp1_F1VS7_UczLHkdOExAV9E9EF2ayM9ilrJaIoU2hUeBBRgtHoCKgjpiLLqgApO0-0fCphJGhuKFtZgxZJl9xUNu5izP-UYjbeESeLohPNyNMmZfJQFmRrLGn72LjyvJNfc7aObr1ywlO_D0qglh0OF_64KZw5N9q90hKxUhaHtSCxxazFtQZDY0L16sx6cKU12UmQObQK0ft6h3ZxHK8DUQ8DW_wB3MQcKH8-0Vn86lpi71sCUI4L1AbsITLkGqMTpNw1_Rs_q6mQHovbOtRcI1_T_SORcgcuKvBlMVVJh7KuOYJ4EKfSNIoruL6TRF4&sig=Cg0ArKJSzACaP45-c8meEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=552&vt=11&dtpt=323&dett=3&cstd=545&cisv=r20231023.39465&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 POSSGMaster-English-300x250-638284397881390605-d2b25437-763d-4571-a986-686da95a5d19.html Show response
s0.2mdn.net/sadbundle/7383965533667852288/ Frame E2D9 4 KB
1 KB 6ms
5ms Document
text/html 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7383965533667852288/POSSGMaster-English-300x250-638284397881390605-d2b25437-763d-4571-a986-686da95a5d19.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23658bf8e1ccd0a02680a7ebd6ac7672586f4d821e7058aeef9d04521eee7b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 587683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1427
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 03:05:40 GMT
expires: Thu, 17 Oct 2024 03:05:40 GMT
last-modified: Thu, 24 Aug 2023 02:10:46 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C35 0
20 B 8ms
8ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bo-DxJkM4Zcm7CZ2a9fwPw9miEAAAAAA4AeAEAg&bg=!6-il6KfNAAao7_3LiO87ADQBe5WfOACImPpnvkKfEaETwwcmUqZsiqq5fnhNmytAzWMXJ9qFQSqM-dn0QoGoZTsMppqvAgAAAzpSAAAABGgBB5kDCyzJ-F9SZroUSX1cLmQ05GD-igZ-X5_5VhShlH_6Dyt0jmrzRXQTfEDUSJvzjsHzUvparB8fbbvSoa500JTYT5FdhQfLldA7V_eUk00MNPS7S82kILb7pj-6n718sCOXt7ULEh4mbwe_SouNtity_UPjerH2bLNIy3MX4n5FKRd3Dfv6C520U3kC1DTbo3S5MSU94Lu5e_xkw2MOUyr8-WS4TcjuO5y5fQYIp_CQmYo-lwi-NNTQC1NH6oriop4lYItQM1f0VZA7DtOJuOGasG2tKhXk9Er5udZkr_eqlV7E5N-sBX2iifjpLFkP0N5YjKqXZw7XhahpFVA_JaJtCTYP_wa3DRjg4rBjErNbOZUK_LsAqpxQX6e1x1uErguiAP53qt3NMyMtKS__3EA6rWhjt4HXih9K54_z7W751AWUBJV5EBlvTA17AqyCh9lWmhxt97ukPJd7cvnzgJgQFYZeZqru--D2FxvZtffq_9AgNXobGbo2HOSu1hBrsCRkZ5g7rqjb-L8s9a9QdK-uoD0YB8sSyA7gEX2ZWee3DA-d9drmGQ58sKwlulk_Saand3augx7p9Lymab6SPiVUGZlQGFl8N_UgV3dTxRrJbp4RexAZ29d2sSMBCKX7eZQV_TY0oggzYD69VWL9SnMfU5Wxpy39-HCN2hHk8NOa1YwAsy2pay1efBwTg3FXvggs0DGC_N2oMa2XhXJy9o9r2AX5K0mSx1btBkQSdIumhUsA1BolcF5H3WDcmd6XGdrpUEJMMmjYm_RYyUkOrGjSF0yiEWGOzx7diBy_ZBtMlFF0JP00dkatglKRT6y9G0AvWtmOuGUMwwmxw9Wzj-ouXHZ5J-HFF8ejc-6X-KYQ7CEv8F_rgdkmZqMXYo21NDrznTDXwmK6hWzLPjLGfGO7n7hGdh5yhxp0LmDs65d2x5FlfqXE4ZQralZtdxmACw5pEgevukhrs2l-EXftQSXsM9lCCeuOik-m61lW4TUKeeSqYRdDlJSyhicInjcURGr7Uso5bpfmuPC6itpQ

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 120C 0
0 10ms
9ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNxFQGZp9nj4m9hT867lZTDukvoE3J8imF4QabU5PNIIUujQrNgc_BrrWNcXJ8o5P5B03OxMP1fYVOJ2zGar2O-Xr7jLpeqT6Xbj56HesLsFGFFsXZkZwR1Pn2937ypHLQAdExDGIVnI1Gc952wg5KlvaBJHPOKn_RcfRwrTw5OSlpIpjPogFUo1dk5Vg3FUCx9L_CaWqpTcMC0SGC6jsvbqtcX9IeKhhk4b3fWWio67xpm3B16Chq7SkAacr3TnYvSE3Q_0_TiMicQxDptRoAcwMOSh6IIzGFtIfviUbx3lPR0HrbJun2Uypm5xnzBSQ2ooMcthsUDgzWsZL_TaNYE8LoPOX7CrxIVmujq5bLGzO6em4r00m_xasJLvvUsG5WmkTccLSz3hftX9M93-UqRJXvo_fe-zK72zw1wdypWa2rgIyS01FABSLyiIxB3RGrTfXfYJMIyhFB8fKEbaeYqn4_crJI9fyWD-AS7QF6g_oTjn9a7F7u49qrVLp5ZLzGU0KmL7mAf0VfDBnKzLh7ZJR5elearkxeat3pSkzXZEGkzPCgrnwaBRksg_520Zz6wxN97sYOBvBQuMYXckYRoOQFSLgUztJLVxxD6AZuKvMVw9R3gJluTzNRMwEn37KAa55ytWzY9QHej4HqucWiSSIqc19Q8_4pPoT8jl7UQfQ-wiw8kg1sU1drEMqGjHWaVp-JQZA9I39x48vFcyfPa-o3eAeb9sqD1ufqyXNc7yAM0g7Ync5fHKUavK_EiguAV4YKRbhz587_KJZUsgWif06sFIl5qzyZ6Hbqs5xQTeukEwhExCvUbP7f7xgAL7UogBsuUgL_K9YjYu_c75SDdoshTgmTBOpTYNVnWh0DxNv2Jwc7C2pW1MBqTEzFL6vPP0SmDRZlHod9sjHFu2x4bg-e6zOl5VxY5G0cAWmu-ybhyxUUM0pqvKwQ5lRMGtnwURQQDJ6nod9o9u5XtKGpWYWZHPGRJW5ba77eeznsqrJfX7Oug-hLORycSDl_zHXUg1oFkdFRAJCN6t-ylKW6wta-pgVKqgIDaKAY55AHaj5levDdb66-iRI8Gm2UEwnuMeBb5p3LbHnxox3v80zmHezP-pfA__8rXtr_xRULJypq7Y-PlHRN5YU9l1V5hXkzUaB5hu4ekbIzdnJt_hvIKBhgZcv75nAu-BRMyX3_PEZqzS_NhEhRNF8pDK83Sx3MczCPOY0pjtuiBydi2o1Q103sB1t6i_NjkLRL9WYnSdfAKA0U4fB1XFvwhGVbb77O2Rih_rlDqSOJgHVd5gjlSzOZETQnWo1VpNgf28t6ts0kNM7xUnuklsvfmpXAZpJCGgabFe20NpJ1PPK6nn0eYSReFEPlWMFb7aJ31e_Vb9wT2y64AjuhmCM2HyzvFGN3M5ur7wmR4mVQzT6A&sai=AMfl-YRj9A9MvGO4YY46KnGJCpNExjtspQfMOts9FPKGwVdlK0g0vkaNjUtMMeOZaPNAlaEZuXuO9faeA1ktJPxZM5EgZKafwXGW7RF7figDrpK8aJVTOJt3IRXoa7-cMfiA_RzPXx0KVcrNmFBmNKwX4QDJGX92_L6RZRutIVCmrWpKCRk9rxvi6w882k4yBbxZHObCrFuUl5JEjWFSaxHs2T3fQBOB93S-vcoFzu9Nx346t1ah_vVfjTo1fz49NDcoBSJ4315abwv7asAp3UQpXfKqxrVsVC8jmPBJTWwaXyc-gwXkmHsteaXgn0hk4moTGBrrqaX4s34NM_LsW9BqNlosvx3ZdFWtmFGgHt39bHmwUL7zQzFmHZ_Hcz2oIL3BF8mQD-BIrc1LcKXs7t4hda3pxZT0f10a3az7axdVRkRM0IiC8g&sig=Cg0ArKJSzEKPptz2xzUVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=789&vt=11&dtpt=549&dett=3&cstd=238&cisv=r20231023.71138&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js Show response
pagead2.googlesyndication.com/bg/ Frame C1A9 38 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15035
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:13:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 115C 42 B
64 B 10ms
9ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupadZbRT5V6rAWEbpCpjyIIWFni9_qGvkmTtl1nSP1aWEkUTqZaI1np2gdpNw9h2SnkqrkX_b1khkZa6LqAIZjxgbSHqtbZI_QWPXnViCqaf5WwbFy_dWEcQn3ImCL&sai=AMfl-YQYgNU_NO7pN5Oh3-tWwuTf34xYdy1lG4w6fUD5ZZKs4a71dylyDW5iFmvjJ28IW5KZI1bj3tJIthdCyTnNNAseFbkRG4gsU6xr5DW6r30C9PYen5lYPdGNInY&sig=Cg0ArKJSzHZzaaSDFdXpEAE&cid=CAQSOwDICaaN8tqH8RJ7SbnS1dfMydgLkX3cZKJ3TyXRbHK2KQJCwMwXkyXam1T2dT3bJeKejD3V5kwAY3bIGAE&id=lidar2&mcvt=1076&p=290,802,890,1102&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1535702787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698186022301&rpt=385&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 54D9 645 B
254 B 18ms
16ms Document
text/html 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjV94P6ATAB&v=APEucNWK5Z93VxsyY3EabbhvZYu7__IvKqWGjZ5o-qrMmxLn5tyCIkgs7mjhptrJbaGbyTV_YDna9zjcG3awtJHgqlEdXO_5pR1JvW6N7vdIAP-mGpdIMb8

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 7CAC 23 KB
9 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:33:21 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 7CAC 7 KB
3 KB 9ms
9ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 04:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 04:55:03 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7CAC 0
0 24ms
24ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstBIy6fM5PoIvRpSfOhp0P7aWk1TqN6NqLjsF7StIF8E8lBpd1q8AWXeO6qD8uuBR4XqzUIjvZAN_0ZKBxV7QtYkiPJzm1o8DTa9gIVP7pZsJ-8OJMAIIBicYs4tspYqt1Wkq_b91MIIER8knRzwZ-yev_RegwLXxtx72VGUv8QTgjSbYrCGe_dFS9prRcPSNev4S9aAYuL_Rz6ZZBRa2kz0sl-JPHjtRnhkAcRDoyewCCjKPRpd8tIh_CaEHsO9HhoI_TE-PRsQsAwCjvVIID7h3ex_sUHjZsyzR_3mNObKowqD1xb2KePkJ_yGQLH0L-To30iBJ4iG7dD3XxHnFfybu6OAVJQyZ67VhUweP4Zhr4nCVKw4ytx_jejqPUmtkl2jBIE8cT-d0EztXpi6DHNtr3YPrFtUonpsvhgo_lnKnPzldXqxH2pZCnLjq1ho0We1Tc9JbO4MnER8JtbzwBahNdRRpzI1fEqt4VH9h5wl33oDO-DE0iQ21jXUQleQomp7W1WvZBIZGPq0C7zmvPu3O-IFaALN7YYP1hGaP_R-zXnJSXMW1MzYaOa_y0R9aaInrChqtbvC7KWq_yFO-c49BjCZ74zBO56XZ_AXVCkrMOa2QKogK9Rj0KPaImt0Dar--M45Mg970wBKmKlvqvxVPIIbiZxNbp8PNMiAloDNe0NQrHYnSGCIv6AXg2cCS-sUz2Cq_9SZZMGfNjpef6wVDFe8ScfYe41qP7_N5HmcvCv5NUdBgZYGIhrzZ2b849RDsBJItDJ0IaPt0Eo_sOtQzbwp_IKk2a-zj_BVDF73hSlJMGYbwU31DD-plj7Jun-zlNBOXr5dNVC_9IYR_d1iEGfn0UvBFsIrEytPFCmy2sAfvaZ1DHexWqbI2lbrBiWxRlthUi4i-AMttGcIiYCTx4dGugvzKnv-9BDNRRAjxobheb0ia5fG5irM7oM7Z3PyveMLk8GXrVYjxFLJ8UM_rSVP8Rr6ynd7bAlZUhYVN7tsDq4otqU1QkFNL-e3EkOO24_WQ73E43akgC5XdY3OXk3z-J50d4cIwtJDknAa1eizqK8ENj4S2GG-hMYDsu4WQrsl74CAgN1wXqajKdWLxIw_7N48EPa9KoFAlYWw6nXpjCHPqmwL7gvSM-J7RPFPnngqtF80BmdBUqQRpX1C6bVBoLNuecazD3AnKZVX17vjizGjMv-oWeDABIYYVIsw1AWyu53ytV_mzsgC-cHQHM_AsXvLgtR96X1wA7QrmN_T_Q5JLytX1RZIU4VYkzpwKX39ClHDzgpdBpqMdhFUZGfioekyWqgkip3wdxLMg&sai=AMfl-YQxk7-Fz0XRm2BgzgpJ9T6hOFqkX0H6NBvV7IHr7RRZQnt7wXEDAMJRq8XbRwu999QPpHSq9_DeY92o0FCJi5E4UGcM_6iFX58_W21-v4HnDvkrQ0845kayBO3-xf1lHQlAM0TzJqrfpsEvl18y0BvYEk891ZAKcDlFvTdidly6gR28RiDjrlwZInnPTQDoamOPHXEYc0m3NRnnQsHB7bsIipopPohfT0xuxvdeV_1Jg1kLedilXSPXGIfnT7ivSjFpe6oxGRPCVYpgRBVS4PRjDw74VlJ8b8nvJMoSXEewMOxsroa3OhovCpkuTLBlNTm5LIUuAjcHg7Lty_gE-vLTWA6v1F_sHAwhm340WBz5YrOkj75o0Rj4YjNSSAvu2kTC4S4Mthuqi993O4rpqUqV&sig=Cg0ArKJSzJIHSURpH3i4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231023.03319&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7CAC 41 KB
14 KB 9ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 03:25:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 7CAC 3 KB
1 KB 10ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5DD9 1 KB
643 B 27ms
6ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 68772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:14:11 GMT
etag: 48472445140208031
expires: Wed, 25 Oct 2023 03:14:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 7CAC 20 KB
8 KB 10ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 23:31:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CAC 42 B
63 B 11ms
6ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqGwxuwZH7VdD7ODLRs99RKMtD-xJwh51R9FKcRM7m77jfsJUOF9i40n04Yhnv1D-14bPp5iKbd0gJKfqqJ13rMoYHvtKJgDnmLOW9zOUVA7j2qgk

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7CAC 0
0 55ms
50ms Image
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSli-cu3s_DkPxIrIcuGekvuilPUn91mQk6dxZmNNEg1plwHgMzSTtRChqSD7u4vvOIFzU2m0Efe--Qd7G_J02jFdlf6w
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CAC 187 KB
59 KB 11ms
6ms Script
text/javascript 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:20:23 GMT

GET
H3 200 3712828115636807605
s0.2mdn.net/simgad/ Frame 7CAC 70 KB
70 KB 12ms
8ms Image
image/jpeg 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3712828115636807605

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f69fc7c16cfa6ca3af21eb6ab066af24cf45bc1b94ff472edf6f6eee2d7f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options: nosniff
age: 66550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72092
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:26:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 03:51:13 GMT

POST
H3 204 AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 23ms
22ms XHR
text/html 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L5ZOVp93Gre_CMNxWqDm1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-L5ZOVp93Gre_CMNxWqDm1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dulichkhanhhoa.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30DF 0
20 B 6ms
5ms Ping
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4850730814780&version=m202309260101&ct=76&x=1&cor=6812039362943980000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 54D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN8B7e-UkNSAC_5Py-Fb9FU&google_cver=1&gdpr=0

43 B
735 B

24ms
23ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN8B7e-UkNSAC_5Py-Fb9FU&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjV94P6ATAB&v=APEucNWK5Z93VxsyY3EabbhvZYu7__IvKqWGjZ5o-qrMmxLn5tyCIkgs7mjhptrJbaGbyTV_YDna9zjcG3awtJHgqlEdXO_5pR1JvW6N7vdIAP-mGpdIMb8
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXzghFR8%2BKe458vhNLaof2B%2BzscAhG89bUikEwH%2BXIatD%2FTCwPgR0rQElzRGtd3WY80EvyX6NCVc2NL6g%2F2oA0C8OlAfupMFHAhVLZsTDPcCNcnuEJuxxADPV0H%2FDQSVsOlQts9TdlqUdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b59bc0f5fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN8B7e-UkNSAC_5Py-Fb9FU&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 54D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZThDJrVnKK.16PSWaTZH5gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgBD9C-w1M1OjhkPRCZAlA&google_cver=1&google_hm=2

43 B
734 B

25ms
24ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgBD9C-w1M1OjhkPRCZAlA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjV94P6ATAB&v=APEucNWK5Z93VxsyY3EabbhvZYu7__IvKqWGjZ5o-qrMmxLn5tyCIkgs7mjhptrJbaGbyTV_YDna9zjcG3awtJHgqlEdXO_5pR1JvW6N7vdIAP-mGpdIMb8
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pH3b7%2FrnuM%2BY6%2FGTkm1DT6N8HGVGwqhDN8BwptsKYyUsaQGm5n04pMs6FunSyeTHtyvKtesL4jHSAYl04JNloHXLrA8x1u5c%2BCYz8Rqks%2Fn1c5gAk2sHOc%2BSeAaK0mVm1A3O1Bedna4MBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b59b59fc3f5fff-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgBD9C-w1M1OjhkPRCZAlA&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 54D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENslFmh0to2hUrFgrcmU24M&google_cver=1

43 B
837 B

4ms
3ms

Image
image/gif

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENslFmh0to2hUrFgrcmU24M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjV94P6ATAB&v=APEucNWK5Z93VxsyY3EabbhvZYu7__IvKqWGjZ5o-qrMmxLn5tyCIkgs7mjhptrJbaGbyTV_YDna9zjcG3awtJHgqlEdXO_5pR1JvW6N7vdIAP-mGpdIMb8

Protocol

Server

103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
an-x-request-uuid: 57e479c6-b029-4761-bfe2-bfca60cccc3b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENslFmh0to2hUrFgrcmU24M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54D9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

170 B
188 B

8ms
8ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D

Requested by

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
an-x-request-uuid: 8b110ca0-5f64-4256-8663-55a1c499b2af
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0NzcwMTEwMTcyMDMxNDc2OA%3D%3D
x-proxy-origin: 209.58.162.238; 209.58.162.238; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7CAC 0
0 10ms
10ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstBIy6fM5PoIvRpSfOhp0P7aWk1TqN6NqLjsF7StIF8E8lBpd1q8AWXeO6qD8uuBR4XqzUIjvZAN_0ZKBxV7QtYkiPJzm1o8DTa9gIVP7pZsJ-8OJMAIIBicYs4tspYqt1Wkq_b91MIIER8knRzwZ-yev_RegwLXxtx72VGUv8QTgjSbYrCGe_dFS9prRcPSNev4S9aAYuL_Rz6ZZBRa2kz0sl-JPHjtRnhkAcRDoyewCCjKPRpd8tIh_CaEHsO9HhoI_TE-PRsQsAwCjvVIID7h3ex_sUHjZsyzR_3mNObKowqD1xb2KePkJ_yGQLH0L-To30iBJ4iG7dD3XxHnFfybu6OAVJQyZ67VhUweP4Zhr4nCVKw4ytx_jejqPUmtkl2jBIE8cT-d0EztXpi6DHNtr3YPrFtUonpsvhgo_lnKnPzldXqxH2pZCnLjq1ho0We1Tc9JbO4MnER8JtbzwBahNdRRpzI1fEqt4VH9h5wl33oDO-DE0iQ21jXUQleQomp7W1WvZBIZGPq0C7zmvPu3O-IFaALN7YYP1hGaP_R-zXnJSXMW1MzYaOa_y0R9aaInrChqtbvC7KWq_yFO-c49BjCZ74zBO56XZ_AXVCkrMOa2QKogK9Rj0KPaImt0Dar--M45Mg970wBKmKlvqvxVPIIbiZxNbp8PNMiAloDNe0NQrHYnSGCIv6AXg2cCS-sUz2Cq_9SZZMGfNjpef6wVDFe8ScfYe41qP7_N5HmcvCv5NUdBgZYGIhrzZ2b849RDsBJItDJ0IaPt0Eo_sOtQzbwp_IKk2a-zj_BVDF73hSlJMGYbwU31DD-plj7Jun-zlNBOXr5dNVC_9IYR_d1iEGfn0UvBFsIrEytPFCmy2sAfvaZ1DHexWqbI2lbrBiWxRlthUi4i-AMttGcIiYCTx4dGugvzKnv-9BDNRRAjxobheb0ia5fG5irM7oM7Z3PyveMLk8GXrVYjxFLJ8UM_rSVP8Rr6ynd7bAlZUhYVN7tsDq4otqU1QkFNL-e3EkOO24_WQ73E43akgC5XdY3OXk3z-J50d4cIwtJDknAa1eizqK8ENj4S2GG-hMYDsu4WQrsl74CAgN1wXqajKdWLxIw_7N48EPa9KoFAlYWw6nXpjCHPqmwL7gvSM-J7RPFPnngqtF80BmdBUqQRpX1C6bVBoLNuecazD3AnKZVX17vjizGjMv-oWeDABIYYVIsw1AWyu53ytV_mzsgC-cHQHM_AsXvLgtR96X1wA7QrmN_T_Q5JLytX1RZIU4VYkzpwKX39ClHDzgpdBpqMdhFUZGfioekyWqgkip3wdxLMg&sai=AMfl-YQxk7-Fz0XRm2BgzgpJ9T6hOFqkX0H6NBvV7IHr7RRZQnt7wXEDAMJRq8XbRwu999QPpHSq9_DeY92o0FCJi5E4UGcM_6iFX58_W21-v4HnDvkrQ0845kayBO3-xf1lHQlAM0TzJqrfpsEvl18y0BvYEk891ZAKcDlFvTdidly6gR28RiDjrlwZInnPTQDoamOPHXEYc0m3NRnnQsHB7bsIipopPohfT0xuxvdeV_1Jg1kLedilXSPXGIfnT7ivSjFpe6oxGRPCVYpgRBVS4PRjDw74VlJ8b8nvJMoSXEewMOxsroa3OhovCpkuTLBlNTm5LIUuAjcHg7Lty_gE-vLTWA6v1F_sHAwhm340WBz5YrOkj75o0Rj4YjNSSAvu2kTC4S4Mthuqi993O4rpqUqV&sig=Cg0ArKJSzJIHSURpH3i4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=134&vt=11&dtpt=132&dett=2&cstd=0&cisv=r20231023.03319&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/?link=aHR0cHM6Ly9lYXN5Y3V0LmlvL0xtdUU0Ymhy

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/2637942969135582680/ Frame 9C2C 5 KB
2 KB 8ms
5ms Image
image/svg+xml 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2637942969135582680/logo.svg

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90705e1fe849108785f9bdda3de8292c0eba37b6c194b0835aca706d002221b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2041
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 13:49:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Oct 2024 23:03:21 GMT

GET
H3 200 300x250C.png
s0.2mdn.net/sadbundle/2637942969135582680/ Frame 9C2C 3 KB
3 KB 12ms
9ms Image
image/png 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2637942969135582680/300x250C.png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5952340bd779588ae4c96665f5b594fa15fd41dc88f09dff05f3ae898dbace1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:03:21 GMT
x-content-type-options: nosniff
age: 83822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3292
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 13:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Oct 2024 23:03:21 GMT

GET
H3 200 300x250B.png
s0.2mdn.net/sadbundle/2637942969135582680/ Frame 9C2C 3 KB
3 KB 9ms
7ms Image
image/png 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2637942969135582680/300x250B.png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd14d911a455bfc76bb4ef7335a841dea09ff57bd4a3de009fe29d9f964ec49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 13:22:18 GMT
x-content-type-options: nosniff
age: 32285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3407
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 13:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 13:22:18 GMT

GET
H3 200 300x250A.png
s0.2mdn.net/sadbundle/2637942969135582680/ Frame 9C2C 3 KB
3 KB 16ms
13ms Image
image/png 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2637942969135582680/300x250A.png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f4fc3b81d99c3dd05fb08ff963fd373fd74835f9e29632a39a6e862d61b0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:03:21 GMT
x-content-type-options: nosniff
age: 83822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3447
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 13:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Oct 2024 23:03:21 GMT

GET
H3 200 300x250BG.jpg
s0.2mdn.net/sadbundle/2637942969135582680/ Frame 9C2C 55 KB
55 KB 17ms
14ms Image
image/jpeg 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2637942969135582680/300x250BG.jpg

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52e75fabae28cd071710de5578f42e7a146093ff7624d86ad841554610d2f473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 13:22:07 GMT
x-content-type-options: nosniff
age: 32296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56552
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 13:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 13:22:07 GMT

POST
H3 204 AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 18ms
18ms XHR
text/html 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VMp3niW-v3KThFyWu0ERaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-VMp3niW-v3KThFyWu0ERaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dulichkhanhhoa.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 17ms
17ms XHR
text/html 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXtpppjdUFS-q3LtbdWDpqKK1-ZCKVgZLun7AVyaHrKyZTw5q-sjmkr62PRmdQX6AaL-33ilHHFu21_WO3Hz_DKUUDhnXXUII9bNsTHDgVON5w5Am6CBnV3ti4af47vqaCeEbbk6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-16XfqeNxqiMZxbLEGtjbew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-16XfqeNxqiMZxbLEGtjbew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dulichkhanhhoa.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxX9e1-TAGAzpPfb73R1J3aAXxqUhBzSt9iqYxYvuPHL2ShRUiwelAVNsDJGxHybAstdL_3wJ4wHHba5ZUu22cpxg7MOvdfaudapLttx1S4xgmASaqV-qi29yBG3CkHTaFT8mXlL0g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 40ms
39ms Script
application/javascript 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX9e1-TAGAzpPfb73R1J3aAXxqUhBzSt9iqYxYvuPHL2ShRUiwelAVNsDJGxHybAstdL_3wJ4wHHba5ZUu22cpxg7MOvdfaudapLttx1S4xgmASaqV-qi29yBG3CkHTaFT8mXlL0g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MTg2MDI0LDExMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kdWxpY2hraGFuaGhvYS5uZXQvIixudWxsLFtbOCwiN2dZWFh5Wm1ydnMiXSxbOSwiemgtQ04iXSxbNywiMCJdLFsxMSwiW1tdLFtdLFtdXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92eaabf4f968bc7b9318d7492c5a696e0b47ae1278e49578aa03e90555105d78

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2nfRU3MxVSeAEHN562H77Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2nfRU3MxVSeAEHN562H77Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9C2C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DD9
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOWV1T0MVvacPAIp-Tsr_9g&google_cver=1&google_push=AXcoOmSb1oLpElt8H3ZRW8g-5kOS8rN2Yddpe0lo8fMMZ1sOM8ihRbk0M8K4MOd6W3nuDTizVquPp0TuLSJXk...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOWV1T0MVvacPAIp-Tsr_9g&google_push=AXcoOmSb1oLpElt8H3ZRW8g-5kOS8rN2Yddpe0lo8fMMZ1sOM8ihRbk0M8K4MOd6W3nuDTizVquPp0TuLSJXk...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSb1oLpElt8H3ZRW8g-5kOS8rN2Yddpe0lo8fMMZ1sOM8ihRbk0M8K4MOd6W3nuDTizVquPp0TuLSJXkuiUMu_Oo0NxH4w&google_hm=bDkyQWY2a0FWbGFiaEQzU...

170 B
188 B

12ms
9ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSb1oLpElt8H3ZRW8g-5kOS8rN2Yddpe0lo8fMMZ1sOM8ihRbk0M8K4MOd6W3nuDTizVquPp0TuLSJXkuiUMu_Oo0NxH4w&google_hm=bDkyQWY2a0FWbGFiaEQzU210c2Y=

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 22:20:24 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSb1oLpElt8H3ZRW8g-5kOS8rN2Yddpe0lo8fMMZ1sOM8ihRbk0M8K4MOd6W3nuDTizVquPp0TuLSJXkuiUMu_Oo0NxH4w&google_hm=bDkyQWY2a0FWbGFiaEQzU210c2Y=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DD9
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEICTmwpeFcAgCvbBODlvSvk&google_cver=1&google_push=AXcoOmQWOV50oC-XF4317TaHJLwp3kiDyqjJAZAzZpHCmohgA2SOonXUFrBgVds3c34ojpjAo73mP9LuGnRS_dw...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmQWOV50oC-XF4317TaHJLwp3kiDyqjJAZAzZpHCmohgA2SOonXUFrBgVds3c34ojpjAo73mP9LuGnRS_d...

170 B
188 B

9ms
9ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmQWOV50oC-XF4317TaHJLwp3kiDyqjJAZAzZpHCmohgA2SOonXUFrBgVds3c34ojpjAo73mP9LuGnRS_dwUfH8NU1wzjZlJ

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0AdNQRu6Xphmg4arGffpD9E6ou4&google_push=AXcoOmQWOV50oC-XF4317TaHJLwp3kiDyqjJAZAzZpHCmohgA2SOonXUFrBgVds3c34ojpjAo73mP9LuGnRS_dwUfH8NU1wzjZlJ
Date: Tue, 24 Oct 2023 22:20:24 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DD9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF8oCTwoPjME9U-gV1kobG8&google_cver=1&google_push=AXcoOmRXPXuw0vu6oSinph2w3IpW7fkP2c_Tm_Q4qXdzQqRjWMZUagrA_HPYvS_MKszpQ0JTBIv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80VzQyQVotRy1LWTMy&google_push=AXcoOmRXPXuw0vu6oSinph2w3IpW7fkP2c_Tm_Q4qXdzQqRjWMZUagrA_HPYvS_MKszpQ0JTBIvvshWnc3TLubXDQtym02zn367u

170 B
188 B

8ms
7ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80VzQyQVotRy1LWTMy&google_push=AXcoOmRXPXuw0vu6oSinph2w3IpW7fkP2c_Tm_Q4qXdzQqRjWMZUagrA_HPYvS_MKszpQ0JTBIvvshWnc3TLubXDQtym02zn367u

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80VzQyQVotRy1LWTMy&google_push=AXcoOmRXPXuw0vu6oSinph2w3IpW7fkP2c_Tm_Q4qXdzQqRjWMZUagrA_HPYvS_MKszpQ0JTBIvvshWnc3TLubXDQtym02zn367u
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
Expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 5DD9
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEriQ9FG9GdLkuQT_EpElDk&google_cver=1&google_push=AXcoOmT9R4LDtvu-ZJgqnM8WKaR33NYCM-iiaPx47WVb-AUeMT9ggfAMCi22MZh4M9bXt4xoKQBgynBx3iU-P_uG...
https://sync.outbrain.com/cookie-sync?p=smaato&uid=3b5a4c90e3&gdpr=0&gdpr_consent=

0
287 B

919ms
190ms

Image
text/plain

38.133.127.159

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smaato&uid=3b5a4c90e3&gdpr=0&gdpr_consent=
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 38.133.127.159 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 22:20:24 GMT
Cache-Control: no-cache
X-TraceId: ad33f9566a6690f8166d34863eedebec
Content-Length: 0

Redirect headers

date: Tue, 24 Oct 2023 22:20:24 GMT
via: 1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
location: https://sync.outbrain.com/cookie-sync?p=smaato&uid=3b5a4c90e3&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: nxc5y-4swrp4jQ-86fgu42avYWXEQxxxDgdtUM0QEghd-wjsgpYFag==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DD9
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEFyn7WEdWiekfDWhKUzMbWA&google_cver=1&google_push=AXcoOmSQGir1XZSCX9ePLVf2XR02dINoZbc8nS_OpwA3FpBolXVQYb6XFWf1GzKx1MnHw1vma_ahDl-XHiL4BkILl...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSQGir1XZSCX9ePLVf2XR02dINoZbc8nS_OpwA3FpBolXVQYb6XFWf1GzKx1MnHw1vma_ahDl-XHiL4BkILl_OzRWYxPeqX&google_hm=AWaF1mJZxUlkqd8oZRCN54I

170 B
188 B

14ms
14ms

Image
image/png

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSQGir1XZSCX9ePLVf2XR02dINoZbc8nS_OpwA3FpBolXVQYb6XFWf1GzKx1MnHw1vma_ahDl-XHiL4BkILl_OzRWYxPeqX&google_hm=AWaF1mJZxUlkqd8oZRCN54I

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSQGir1XZSCX9ePLVf2XR02dINoZbc8nS_OpwA3FpBolXVQYb6XFWf1GzKx1MnHw1vma_ahDl-XHiL4BkILl_OzRWYxPeqX&google_hm=AWaF1mJZxUlkqd8oZRCN54I
Date: Tue, 24 Oct 2023 22:20:24 GMT
Server: Apache
Connection: keep-alive
Content-Length: 231
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 5DD9 11 B
218 B 82ms
80ms Image
text/html 35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESED0FONMrP5cdCGhwWEVquzI&google_cver=1&google_push=AXcoOmTIWcgYKsnP-cYpHPhdqi_oKUlyffl_4W6L8VK5eQehEsML_6D_0bBBnDaTbKyb5J_9EcUxVnKsrxUI0hkK5ZvPTYrCBiZL
Requested by: Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 22:20:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 11
Content-Type: text/html; charset=UTF-8

GET
H3

200

dot.gif
s0.2mdn.net/ Frame 5DD9
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESELvNBtjJ58wHyCBt40ClbXc&google_cver=1&google_push=AXcoOmQbt-lQ4u6V3SSQZzdm98yswFuh1kinNbBmp5TsbrT3FVPk5CG_mpKl9pCh4m_c4HUxERJ7Et0Axi6acFnOlfRa...
https://sync.gonet-ads.com/match/google?google_gid=CAESELvNBtjJ58wHyCBt40ClbXc&google_cver=1&google_push=AXcoOmQbt-lQ4u6V3SSQZzdm98yswFuh1kinNbBmp5TsbrT3FVPk5CG_mpKl9pCh4m_c4HUxERJ7Et0Axi6acFnOlfRa...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MWU4Y2Y1MDhhZDg2MTFjZQ&google_push=AXcoOmQbt-lQ4u6V3SSQZzdm98yswFuh1kinNbBmp5TsbrT3FVPk5CG_mpKl9pCh4m_c4HUxERJ7Et0Axi6acFnOlfRafRV...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MWU4Y2Y1MDhhZDg2MTFjZQ&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
73 B

6ms
4ms

Image
image/gif

2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 11:32:48 GMT
x-content-type-options: nosniff
age: 38857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 11:32:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5DD9 0
12 B 8ms
5ms Image
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvQrjvJzqRxND_TDlkuOqpj8vP7sKKiEGxj055zkcOEzomoEhQBO5o7DDYCAFY7WhQ8wcevQ

Requested by

Host: b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
URL: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310161805000/ Frame 2D34 196 KB
56 KB 37ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310161805000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ed98afdf07c26938026bc4321a292270ab5e88543721eb3742bdee15e7e522

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 17:15:23 GMT
age: 104701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56087
x-xss-protection: 0
server: sffe
etag: "ce965173ccfc061f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 17:15:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 2D34 15 KB
5 KB 51ms
19ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310161805000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b545845a2273d287b89de2dad629d30137ceb38d1ce78fa423e6980c00b368f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 17:15:23 GMT
age: 104701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5214
x-xss-protection: 0
server: sffe
etag: "074ac5099ebe1c18"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 17:15:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 2D34 94 KB
28 KB 48ms
17ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310161805000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ba86813c2f8c836d52722a88a63de130aa006799e180ab3649adf02d1a4a0cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 17:15:23 GMT
age: 104701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29090
x-xss-protection: 0
server: sffe
etag: "28725fc6b633962c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 17:15:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 2D34 5 KB
2 KB 51ms
20ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310161805000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcbc708657f35c221e95dc2b142ea95a0c45653489b7823f29284b18afe92785

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 17:15:23 GMT
age: 104701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "6742f79812773482"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 17:15:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 2D34 40 KB
13 KB 44ms
14ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310161805000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

296be36e260dedaaf7a6cadd800abc5bdfaf2873f8dfcef7f350862aae28c311

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 17:15:23 GMT
age: 104701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "7f93bdbf69ef7d3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 17:15:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2D34 4 KB
655 B 16ms
13ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 24 Oct 2023 22:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:12:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Oct 2023 22:20:24 GMT

GET
H3 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2D34 3 KB
3 KB 8ms
5ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 05:42:52 GMT
x-content-type-options: nosniff
server: cafe
age: 59852
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3099
x-xss-protection: 0
expires: Wed, 25 Oct 2023 05:42:52 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2D34 344 B
368 B 7ms
4ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 11:47:52 GMT
x-content-type-options: nosniff
server: cafe
age: 37952
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 25 Oct 2023 11:47:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2D34 0
0 60ms
57ms Image
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWTbbPbkJHHICYLfShIkI-UWWdP_NjyihoNfzStrL6yI2rYci56xFZUVF2blOz5h_8iKEaFxruNVDkU0FoFDiV-lEgYw
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 300x250BG.jpg
s0.2mdn.net/sadbundle/2637942969135582680/ Frame 9C2C 55 KB
55 KB 9ms
7ms Image
image/jpeg 2404:6800:4003:c00::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2637942969135582680/300x250BG.jpg

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::94 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52e75fabae28cd071710de5578f42e7a146093ff7624d86ad841554610d2f473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2637942969135582680/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 13:22:07 GMT
x-content-type-options: nosniff
age: 32297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56552
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 13:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 13:22:07 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17581456796194510637/ Frame 2D34 21 KB
21 KB 9ms
8ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17581456796194510637/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

985cf964707b4958a9e74048f3498d325fc17336875769d06e6364a27b12cd67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:02:04 GMT
x-content-type-options: nosniff
age: 19100
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21676
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 18:46:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Oct 2024 17:02:04 GMT

GET
DATA 200
OK truncated
/ Frame 2D34 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2D34 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c729ffc77a5a67ef6d9d4a430e7ef7ced27d13e8f444d275b0b53b7ff99a13d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 206B 0
23 B 12ms
11ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYDraJkM4ZdgXoaH1_A_fxovQDgAAAAA4AeAEAg&bg=!ZWalZinNAAao7_3LiO87ADQBe5WfOBMu5MmNgRlhhfCW2solmucxkOSIEvvmvsmiKPEnMgeJcwQQtTmJxQf05zvTVy_AAgAAAqdSAAAABGgBBwoAOuvaZmVXYuO6ceQxN-SJkk6DAT1kkVeY-TX0rPGH-FZk9GUbojPa4jpPt_Qcx2V_kJtXbn-i0QP8y4-ZAwKoL7ppXB5LkvykmUyUYOWBx9tahF3GSojTu5ZJeH3zw4VYi2xRB32Ya1KiDcDv7ih5DATLEqhJ1KCc_h1MQEWvkAqeQwupLI1QQuylWlGGBySY-L7B-IfjAMK2RjV6OWuplTwBAEfhmm9EHt_4EdZUlOA4Fb5823UUlyHTk8rZTAhmunv4U_9HgzxGiUgaLS_JKMSvSeqN23FqvvkQqJ0ZqUPvkiUWALvKDX5DEU7AH69XK4GYazCarEyv4wJzp99uXBiUHUNaRhtAS7vm4sL9YXXk1dkVxeAzPSXE6o6rJJnPM-HK_kM4B748jYJQFtZVtmDZbVspRSzveiONTeD3xGyJil5S8J34W3hIXyOeNPCcu9cZlmeqdC_ayUZvwqyO4T4xYSQYjKiHE6y2OZ2D5hVjMsRNMm01nTUV2JdbMa7ckoPZQAWlES-KFoMfWKXy50daysbRQJSHxfNR4wcxqFZyf6WfJdXjrmsCeAPytOmsPAAjv0gS4hmbYQNB2fWXX0bFESMTzryNMyROWpuQgW-isMBk4bP_J-VOxED2fU1-dexeRPqE2hk4DcF9oJm491J1VkqcYdsJo3oHhrrunzp9DasBa7vAEjWNQL77X6oGJFVwNKTRRr1Wy7gu8Fge2LgTeG-qTyzd3ejzaZKTFodBa1SU81JsUMZG2fEwfYonwwVOQsyb7nD2HF-e0vqS3tCjctv7OZgrfjJJ-QnFbmnOo3od9W8t5rbFvviCZpW0NRoOxXh1RBL758L-iKOkLKHNGhO8zmTLOuyLjACvwEXw_Km8i28RNj4ps9m529cTxbFnpsa0S9PVJzY0WnBUCtcbewcrq13DWFxIbhegraOk5UwMugAQeWXHGLyXb_JGNEylZTT8lvU4-IWf64QjBkEm2iAyyp15ce6HTGKmt0yP45YXYowjZAfRd0tudFIVPMrQZJvvVgrzGls_3RKwwIkJYJowngBe6We3kxNFcK5iJonOIAhuMJfXvsK75S93PLtYqDF7T5CdYVIRyeQu4Q

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 64e6bb24793ab101a1840ac8 Show response
c.bannerflow.net/a/ Frame E2D9 73 KB
24 KB 567ms
57ms Script
application/javascript 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/64e6bb24793ab101a1840ac8?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsveBW1Kl-VsHmbf_HxKFDmsjMy8q4uhmuImGheQjMBeYou1OD7NdygWLJvob7mb1iHJOyro0D9EhtM3hkcKVUZyNVhnplpVLehSS_QaPLK4OIhaEcF-OoX2-6a6NWm3d_2vlcRXfd_W997IC0gFHJlVMtOhy9QZKgzHhGpSksqWsEohPBup3XIkI6GeqdKvF8XZQ59mjL6XKaYqDSTrSREX2DkM0sttiHGHJVLCmFluJIlruJ9IxWvWVOfZOs8jhOePmxezsxmbYwHkCPYHiRKM3pb6pyAWv4V_NB9esKxJUDtEE0ZCa2aseHtSdXLZaMAh6WsDblsNURqGkwrLNQETkyEKxZJiey337RI0V436IK0RVZwXakhbjzo0ts6_YJC93oX5L-fpJcDfFo0rcdTqhlmnqqwodhMAnXfEK-NmA9BOm15JxFKDGGSbtSdQKR07-W2PiKqPyrVwVptW0r6-MXZc1sVF8REIJ_mlzo1mXv5cXjqcTj43GJYac0-VWF2Tb5CW6eS2bmr216RgitGh4A-uCbyljc52NrWnvNUwe73wptVDCvT1reP-Hbd9kRO_QdxlRTuC30iyUiRt8aBx4tBraNnr9lJuMG90c0ZVo5-sy4XcHrB-tY5MPz_t62BVBwUaMy4NFNs_Z6Xeen6UIQtc9jwDBIH765fXhLfD615ABMpfcum6SBpy1uXZrJlQdTVDNtwX-CQErzG_obXTMlqfzdRO4i50LisKTzHISuckPwBj90L-2raQF6Fp7zIQHmhbyXRwLq7jadoSA-jeAyiXMQyoIZDOIWo0HQ3cFCdJuFTJcRNoSnanTjN8W9YDFQlKb5_xWFf7fXAkXJnpNxZwANeHCh9YeNtOrPDqDpbLPeobejRdNazOWHbH56oe0L3CO7LVtvrRVNtoKVbKyTciQxQMxrmPfZhZO63t0My5H2K1lLYXp_Yut665frV9yP9AQZefES5sgnDnRFfbpaaE9Tlso1_6a-P6O7cNSTU7-bhE7Q8nF9MGw4DVu73mW4QlhS3O_DkDf0gW-UMoCgaQaEdSSIimmI2_jFnSAB888VnmXKGHJZYGIh90AORPTaapturJ7_DgkfdKcLyiUnMJlQpzzT3dQpw_KKUyCFLOzm_fyY7EzcoptnnfSUtDCgpEBc2wW_SrA1x9yiSbP_13lBjUx0CwIfEmtJltn6MUIYAwDyMwRZXl4qDQLm7WzKo4-X_6WcwziUmZomlgjOmokR1ktxY8cD2-NPM4r42nsV9UUNy0KOyWdrL7qL3YoZXrHfqsZikEoMOmSQdWTbo%26sai%3DAMfl-YRkLOuvwc-KXKLYKGNhY8Mh3HhUAK9Ck9nVvYbfJ4FQ-CzjUQC3xZthaQ1nb4X5N76o5yXSRCSSKw4cZroukKcBwxfk9OffjC_oCsHf9vszs3jOCP7M1EkzaO5L-W5SEId_YQ3tLiYN3xKac5RX4PmPfuV8kaz8sBj17FfG4OYRHCp1vi5vjyQqkSekRntO4jdgXAScmQQRTkUz0hPc_H6qeeL4rjJuGznvIfebcv0_lhvNDM0E1TAJ3_lD4d7CmUh5lPNGCfG2%26sig%3DCg0ArKJSzINl6bz-hPNpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8475597%26adurl%3Dhttps%253A%252F%252Fwww.flyscoot.com%252Fen%253Forigin%253DSIN%2526utm_source%253Dgoogle%2526utm_medium%253Ddisplay%2526utm_campaign%253DSG-ALL_AODISPLAY_PRO%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7383965533667852288/POSSGMaster-English-300x250-638284397881390605-d2b25437-763d-4571-a986-686da95a5d19.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf0a9c144e37ad3781e2db146716137ea5bcf077aed5a2b267ba53ecfb36b5b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 24 Oct 2023 22:20:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 81b59b5e4ad55fea-SIN
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2D34 16 KB
16 KB 8ms
7ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dulichkhanhhoa.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:31:06 GMT
x-content-type-options: nosniff
age: 470958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 11:31:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2D34 5 KB
6 KB 6ms
4ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dulichkhanhhoa.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:06:55 GMT
x-content-type-options: nosniff
age: 472409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5604
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 11:06:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2D34 15 KB
15 KB 6ms
5ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dulichkhanhhoa.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:09:46 GMT
x-content-type-options: nosniff
age: 472238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 11:09:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2D34 12 KB
12 KB 13ms
12ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dulichkhanhhoa.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 11:13:06 GMT
x-content-type-options: nosniff
age: 472038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 11:13:06 GMT

GET
DATA 200
OK truncated
/ Frame 7CAC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66a76158f74cf809619981d4903eb9fbc81bff8e5513c517fb9935be1ad3d148

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B3DE 38 KB
13 KB 16ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 68091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:25:33 GMT
expires: Wed, 23 Oct 2024 03:25:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxUeGHd8E8_SVQeLjLyyVK5u5kUgt9kB-DirdIX2MM7-zyPHFwdaFJXAXwH5OBYUredFaGHd3Q4YRs0qM7wIDW-_HYVAlHamSeJrjh5Oardr1tFT-3-ole2FiW2vVG7lUBI-l8-Rmw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 46ms
45ms Script
application/javascript 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUeGHd8E8_SVQeLjLyyVK5u5kUgt9kB-DirdIX2MM7-zyPHFwdaFJXAXwH5OBYUredFaGHd3Q4YRs0qM7wIDW-_HYVAlHamSeJrjh5Oardr1tFT-3-ole2FiW2vVG7lUBI-l8-Rmw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MTg2MDI0LDMwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kdWxpY2hraGFuaGhvYS5uZXQvIixudWxsLFtbOCwiN2dZWFh5Wm1ydnMiXSxbOSwiemgtQ04iXSxbNywiMCJdLFsxMSwiW1tdLFtdLFtdXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37cb1b4d177bfd8d6768a4e3a85e0c4d00a37dc917fa4872c80de254eb038c0a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--aTKEVtms7dDi-Iixh5Evg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--aTKEVtms7dDi-Iixh5Evg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2D34 3 KB
3 KB 5ms
4ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310161805000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 05:42:52 GMT
x-content-type-options: nosniff
server: cafe
age: 59852
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3099
x-xss-protection: 0
expires: Wed, 25 Oct 2023 05:42:52 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2D34 344 B
368 B 5ms
4ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310161805000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 11:47:52 GMT
x-content-type-options: nosniff
server: cafe
age: 37952
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 25 Oct 2023 11:47:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18F9 0
23 B 8ms
7ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BApUoJkM4Zcz_Dcqf9fwPu9mewA8AAAAAOAHgBAI&bg=!ZGelZyjNAAao7_3LiO87ADQBe5WfOCqt10G8sMHELI55GG5X7C2aVtbTVpfU9G34j-rOxlwpkcSpak3QN5eWVEzcD32UAgAAAqlSAAAABWgBB5kDGLcdNRDAJgH0agEmzIGDtNZ6c2m7PkrcF_-gDwV8yUnG9jpW2BMpVQwafR2k7Kz4R082hV_ESxJ6atwMffquiy4FTGaV-60OmTtlDh2NGIF_GaHxD4E6KPI3Bqxy6-4TUh9l43Qf7hPi46v1KZQ-g2lTxz7Ym1_VGB0J_wkpMQm1mx4fD-Mj6j2XPPacuL2ekxGfty56AhxS5VQNlddc3egQQ_iNa7V-6vu_43r_n_5n-d2z3miCS6-UNioX4CK2JoGyCMF_ovR1SAuOIT-rIWb9v3qSrQ05SD9jV4pY3vY2BwgNlz7NCQTjNfARwqY2_jHWdPuzJnCgv2A3mzWBE8QcIsgllGc6244JV_gOtQvw5-GQBwsbzqrndScttvJ-u9ciaF7BYWn2V1WU3J6D-JE8S2vtAdxXfE-qtmxUzgaGYh_xC5vvpZ9HQqhCaIPoVesO3YzBckjHNPO9lys8JKx1MBn-fnKD88q8caXaZZkqVt8AZqhc_EyiwOKqERze30UPKekS18WDxL6XrQlNEuTgVf22ON2I8KqKl09ivCfoZY4Qy6CdSRfJtYpKmWN6I51P5VsYyhpMNrX4riE7hTYapU3RkcJEgQiU0NMZq7SaCn8phu7tUNNT-qDk2NiLaZrp7Eiz01Ojtz8uYdAt66o-MqqG8vZmx4wacfcenBhbsT5iYlhJCI-lAtxAGsHyNXDWoct2yR-vNKPWLqI9PR1jBluzK6ybpmlaVDMIVDv8nNCURzeWUqXfilaeQBbYmFtlrQ6-FOOeRmltTT6Wwf96GWND5kNqK-X6sX5k96wbRwiq6Gm2fTCoAo-fvw6YM2R09vVbqzrVJbZ7LZhEBfln2GC-j5P0i86H_VMAeAMWnfaAyUZjyV5GqocPvzTiCPrQIpkiEGmEvjD1OT_d6tGzwbuA1WCrXalVr7Rjl4oZSUZvQJPLKMK-ipdlRtNERbXfcKT6naiN1jqYOwyUfcAD_07KuVre09xQMnWOrpvkZD8TGGwjaRFLA5LmP4yaVSqajSXYkhGBgMKbXqtjEDZmMgEdBxW43Q

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 120C 42 B
64 B 13ms
12ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzZDH_FHprPudM-BGqDCy-8JvC5BbtgkC42ZQK-ZN_UjYLD5zZ8CZl9vtFuZCBSyE_2RwYnFqjds3cCS8AV44ZFg6rTpo8jr_f1o-YRhSbQwaRiB7X9tCTOcQV1rUGb_9ajjHEGT8Jzg&sai=AMfl-YTRDQ5IjhH4tU8g1goMMH6wiihphJY0OFu5dIRJrJZoF2cgA6lYNtWkBklqBwcUQ_7ngrwk6jjQB0mGIt7bya5es5rh83h900P3VR8mfuH6G86lXna_naAs3DU&sig=Cg0ArKJSzB5Y_OJsXDP9EAE&cid=CAQSOwDICaaNauiWC8QvvHgucKJu7Y5RsFwFfGQCpUlzGN3U4TW5lwp6yE-MFOY431Vo3a5RytU9yvIFsh-8GAE&id=lidar2&mcvt=1019&p=975,954,1225,1254&mtos=0,1019,1019,1019,1019&tos=0,1019,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=689883489&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698186022812&rpt=528&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2D34 0
0 24ms
22ms Image
text/html 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6neUJ0M4ZdeTIcmi9fwPsJOPiAn91Ivhc4nXqY2EEtvZHhABILq0l5cBYL8FoAGkn_GjAcgBCakCfKVnH7Bkxj3gAgCoAwHIAwqqBJgCT9CBwKjV1TxjCtaZQDoSgcImY4VPOzi9MVO2-xzqLtVI3MQb8Om0wRHUsFbuQERldGMAHGlb20lcmqjX6ucPUWLTslNCMql6_wmMwKHTpdl1xylhE4upCvqg9d_P_yeMfp1d2v8-J1WObGfyLunZg-m-bnQRp2eSTEP8Vn_L-V2uyVWnuXUgk1iXywZM2UmRhbfrWwpSDSxABVeg2UQKEq6pIYzTlYrV81i5qyLfHFLCUcAjwpqLi9b50Oh6I72Q4AFTkA3pDyW-RopRFYDI8wWfNSzxoGPSR55mz1aSV0MqcZpN4uTYreosArogg3kGIlSb_iRXSrnGk8-OnaV6Icg9soxnDg1MqIUy8O9dw0GXuyHriSMTJMAEpuDpg7wE4AQBiAX66-yITaAGLoAHxOCO3AKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC0xQbSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJogFodHRwczovL2FyaXN0aW5vLmNvbS9CU1QtQXJpc3Rpbm8tbmhhdC10aGktbmhhdC1ob2EuaHRtbCN1dG1fc291cmNlPUdvb2dsZSZ1dG1fbWVkaXVtPUdETiZ1dG1fY2FtcGFpZ249QlNULU5oYXQtdGhpLW5oYXQtaG9hLVQxMCZ1dG1fdGVybT1UdWFuLVNldCZ1dG1fY29udGVudD1DUE2ACgPICwHaDBEKCxDQrYWD67Wfi_YBEgIBA-INEwjEpdX024-CAxVJUZ0JHbDJA5HYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDY4NDU5NzUzNTkxMDQ4OBigrnk&sigh=eNtxPHCpW3c&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN-bDqkpmRhuVKmxLNqWOO3DQLCzfW7ODWWXceo0jXaUR3Fs8pjFgBc2un46EtZq1dmkHOrGqkGAE&template_id=5000&cbvp=2
Requested by: Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF13 42 B
64 B 17ms
16ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1-oUybfeVN4dEsB-JUXSvgsjJ59IErk14VgYjmAny2BWOFHzMy7kd3U_pidqwCqlmnjASFxCfzvR5kkowayw9AWfVGUDOjL5WNIyFdcLykpvyo3one7mwtgTXRbM1hFfWu0r12Gfddg&sai=AMfl-YQpXQ59Hl4F_YJzQ47uqTuPgOMKcRjLy5YwfHK7uGYpT1chAiFwEqP0hBKMzac7jQNHGlxZimanKBi7xStTHCVdtMup_pbUttFxqIkqO9Gl1BeblfEgmosVnKo&sig=Cg0ArKJSzKORbr-OKT0SEAE&cid=CAQSOwDICaaNluW6q2vSwbiWYnU4hmEpOq25OM38zNxdzPf8sXvN0dHooVncfafg_3kZhVKgmfb1PvGA2v9UGAE&id=lidar2&mcvt=1013&p=975,650,1225,950&mtos=0,1013,1013,1013,1013&tos=0,1013,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&vu=1&app=0&itpl=20&adk=689883488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698186023018&rpt=546&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 766B 0
23 B 8ms
7ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bb0qEJkM4ZeqJGpS29fwP8uyXYAAAAAA4AeAEAg&bg=!7u2l7aLNAAao7_3LiO87ADQBe5WfODpRKZK9VOgrIFw-l89qAYx5OmbYHStdcxY8pgSgEylLeXqw9QAdzf7D_X1pcWl2AgAAAnpSAAAABWgBB5kDB8JfvJG3kWhlVmW-cCDuz8vk3qj6MmUCOyNVGRJ-H2t27ahP6e-oUDipnTGfE07VSqBAkmzdv6fRxXTM9oH8TG2lmOAE7s1YAkYivogiq84FVdKd6LNOES1rBpbzcilPRnw_m9nPQ9gtzANayDoL9RkxCFWU93cjbixLUtW7HedlvXuDm6F-hQmbDqYHMHsNpQhD1k2GxKfdkUZbYrtiS9k6b_Fic-gVTlioHYX7aHWyzoydBUhlnfeCSOX2_dq8EAWhTrRHxrjJZGy1MJmAEKyAve45RWxwEEFoSz_0EbjX9pfuKZDsIeJBXCTaViuVfQzk0LQK_7mg1hLgxLTEmSwwSDt3h9Nqa6MH20ezhitmcg1RwLOOlJhOfrD1AS1evFzMR4rlRsiUeqCJ40-XgSOk2Z4txqZ9qU0LO4EAm5DuRXvHYMg5aKJuQvKXph6Er3BXMpeVUwK3s2l952n-I1rjoU1iiPY2dJNd-s5FkGFK_hzEm3pKK-mN6uGBqhSQuEmVg597vz4cYnTTPMbkhBsV3Hd3cvcP1XJ3nfjELH1m-jhVh7h-jZ8zVpJWAiP7WXM-Hmn9djH4oO4mVVFju_QLARMUco-y8j7m0X558yzrGjLcRFpSpK2JYjyM1eWhrHCro8gJIDFldBgbuxqq7JgWFsS2j5MLcVAhqBlj1-NyKR8-L8NYsqisS7Fwbb9C8mEOLph-nK8DzOEt1Py71452wuX9wd-P3lzQwFyMF63T7ssg92h2HlyZgqHUc9iRyunevuxBaudt_N9wwSdwfcFV0PPx8s0G9P68sqyGH-8QyEYAd34dcLKrKP-TWVW2oILvrz1wcnF_dcth4flusqp5f26EgX6PP2rrPudrXqXlEI_VXQkQxfCN88-SgcaXAxhZF4Ofp_OGzWqMWpPN08oyFf-7_96IzB20eL7VzseD3peABKxEULwodLiPkX1pTlF7xIB9ILo-Cg5JU86DN0QcIdrijMRfftjrGfd2eeYEELq7qLFMW9hNt9VdL3djde_ffj9MryU

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1A9 0
23 B 9ms
8ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlPIuJkM4ZcfnJuyJ9fwPxcCtsAcAAAAAOAHgBAI&bg=!2Nul25TNAAao7_3LiO87ADQBe5WfOHsukTd5x7Af19RVv_-HOLTpg4nAMfDup4Xo2jdoiUTfZmKQ39a_o1G9PuPf5PqzAgAAAfBSAAAAA2gBB5kDDFxGHkxWo2ObtIlVTHAZBaPbaUglVzgaBfItGQDt5NprFbJhEWPeCRZPeCiIj8KBh-wZGZZi2EpSAXB6OBwXW09PxAC9pBPWXn56RUuLjKtEzljba7JwECPnA6C4VkdE1xzs_JgTfF1lER1vZAaIfzG6Y9R-uEF4QQfC509Iuf0r7PQLGkkcI0Xcwjk6YgTzvWIoyPujyVkaYrotML9SXAa6tI67yFOKjYm9AyrGIQ6NLZ6txum97GRDnQVbUmWxaLNDFMtZeUj7qMJA7kUGFN1A5MKe8Mw4lR-6cYkNyPCpGoxXMMOVOghJ0bYFBVj4T2HIdf0PB_I8wPF-D03d_Dz-lVcxVKHtOQgrALHr_Jj6UlP3D0gF7BFa5ETBqxDWW3ySUZqF2c5wH5vssqmeZP7oHCAhf2KE4B6pnNpn3ZgOBm-Qx6CJeeaT2XT9RSKdsI6quj4otKo_oh9zwWB8Q3bhJrAutnjqH5yHAzUSfDiG5VtNoGUYvUOP7P07OGlU8pOZl7a0Rjz9yMmXz_K9uDlDaaSnfRb9wRwaScP3NnYUd-fY6YYHqp4k-kFEaXZlAyVw-2tCH4AlmbmsFFCS5LnCnsMpsDsUrWDqVK60C2Rhxb3UKpJ9S5T_BDZiSMKRnnjGLuSIZBH7n2eGB3cU_Dpcsrmv8bOB7xL53Bd0wivjFJ1KmnakCU91bpNvzP_FbPxTaU5B9sevUSzXxSFK9uM74ku-HQ-gId2WZ5dcfMxNHt_1jVHLCAWVc69iaPI-K4RmXoa3I6f8feFPQw9UL7bGRgaLBtB_hK6IvYgF5BNMMGGmmbdSlmXrihh3ZqfQ0-OOYhg7NPp1J1uec-3X8ONQeOqWxi9h9K5Ae4g1ScE8mHAmlqi6P4k0c9QTTf8BMuUQgMJXGvqHXe6X2-9DH7tX1s__12GDglycanldS83FIJqdE0e7E6C_i9dNTudeAjJYNj3XsSX5BuEqHp7mLC_BO18EhEwcAwG-ouPxFAQv8qapBQNCtcfViqdXaJ6-fTNHGlWoKVkpXU7Jdw

Requested by

Host: dulichkhanhhoa.net
URL: https://dulichkhanhhoa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUMBz-5jBk3MDCJj831p4uWd9ePiEdlNPfx8ZoyrVprfsvqBMn_Ml9mx0bqeN5USFmbSly76PVaa0no4fl_RjNW0lLJoTYcyDqUCynXKD7ULqpMc1zX9fRwbo8x2tugTrQoSdnwcw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 19ms
18ms XHR
text/html 2404:6800:4003:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUMBz-5jBk3MDCJj831p4uWd9ePiEdlNPfx8ZoyrVprfsvqBMn_Ml9mx0bqeN5USFmbSly76PVaa0no4fl_RjNW0lLJoTYcyDqUCynXKD7ULqpMc1zX9fRwbo8x2tugTrQoSdnwcw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JV0q0QhZpHiCYpi5qd9CeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JV0q0QhZpHiCYpi5qd9CeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dulichkhanhhoa.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 13ms
13ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231023&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

272fd7912b89eac2204126cd97d8aa6805febb9d85509e59da59ae4be2c4cdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12099
x-xss-protection: 0

GET
H3 200 8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js Show response
pagead2.googlesyndication.com/bg/ Frame B3DE 38 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15035
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:13:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 22:20:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EB4 13 KB
5 KB 8ms
5ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 142095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 06:52:09 GMT
expires: Tue, 22 Oct 2024 06:52:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 938F 829 B
560 B 18ms
17ms Document
text/html 2404:6800:4003:c00::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a5753ffd0c326b47245d5613e1ebc7b6d20591dfb4235f6166697fb1353c165

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6FQmx-2Dm73sPbSFaOtGPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dulichkhanhhoa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6FQmx-2Dm73sPbSFaOtGPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 22:20:24 GMT
expires: Tue, 24 Oct 2023 22:20:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 document.000000E391498E.js Show response
c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/published/5551572/7612973/ Frame E2D9 40 KB
6 KB 15ms
12ms Script
application/javascript 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/published/5551572/7612973/document.000000E391498E.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64e6bb24793ab101a1840ac8?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsveBW1Kl-VsHmbf_HxKFDmsjMy8q4uhmuImGheQjMBeYou1OD7NdygWLJvob7mb1iHJOyro0D9EhtM3hkcKVUZyNVhnplpVLehSS_QaPLK4OIhaEcF-OoX2-6a6NWm3d_2vlcRXfd_W997IC0gFHJlVMtOhy9QZKgzHhGpSksqWsEohPBup3XIkI6GeqdKvF8XZQ59mjL6XKaYqDSTrSREX2DkM0sttiHGHJVLCmFluJIlruJ9IxWvWVOfZOs8jhOePmxezsxmbYwHkCPYHiRKM3pb6pyAWv4V_NB9esKxJUDtEE0ZCa2aseHtSdXLZaMAh6WsDblsNURqGkwrLNQETkyEKxZJiey337RI0V436IK0RVZwXakhbjzo0ts6_YJC93oX5L-fpJcDfFo0rcdTqhlmnqqwodhMAnXfEK-NmA9BOm15JxFKDGGSbtSdQKR07-W2PiKqPyrVwVptW0r6-MXZc1sVF8REIJ_mlzo1mXv5cXjqcTj43GJYac0-VWF2Tb5CW6eS2bmr216RgitGh4A-uCbyljc52NrWnvNUwe73wptVDCvT1reP-Hbd9kRO_QdxlRTuC30iyUiRt8aBx4tBraNnr9lJuMG90c0ZVo5-sy4XcHrB-tY5MPz_t62BVBwUaMy4NFNs_Z6Xeen6UIQtc9jwDBIH765fXhLfD615ABMpfcum6SBpy1uXZrJlQdTVDNtwX-CQErzG_obXTMlqfzdRO4i50LisKTzHISuckPwBj90L-2raQF6Fp7zIQHmhbyXRwLq7jadoSA-jeAyiXMQyoIZDOIWo0HQ3cFCdJuFTJcRNoSnanTjN8W9YDFQlKb5_xWFf7fXAkXJnpNxZwANeHCh9YeNtOrPDqDpbLPeobejRdNazOWHbH56oe0L3CO7LVtvrRVNtoKVbKyTciQxQMxrmPfZhZO63t0My5H2K1lLYXp_Yut665frV9yP9AQZefES5sgnDnRFfbpaaE9Tlso1_6a-P6O7cNSTU7-bhE7Q8nF9MGw4DVu73mW4QlhS3O_DkDf0gW-UMoCgaQaEdSSIimmI2_jFnSAB888VnmXKGHJZYGIh90AORPTaapturJ7_DgkfdKcLyiUnMJlQpzzT3dQpw_KKUyCFLOzm_fyY7EzcoptnnfSUtDCgpEBc2wW_SrA1x9yiSbP_13lBjUx0CwIfEmtJltn6MUIYAwDyMwRZXl4qDQLm7WzKo4-X_6WcwziUmZomlgjOmokR1ktxY8cD2-NPM4r42nsV9UUNy0KOyWdrL7qL3YoZXrHfqsZikEoMOmSQdWTbo%26sai%3DAMfl-YRkLOuvwc-KXKLYKGNhY8Mh3HhUAK9Ck9nVvYbfJ4FQ-CzjUQC3xZthaQ1nb4X5N76o5yXSRCSSKw4cZroukKcBwxfk9OffjC_oCsHf9vszs3jOCP7M1EkzaO5L-W5SEId_YQ3tLiYN3xKac5RX4PmPfuV8kaz8sBj17FfG4OYRHCp1vi5vjyQqkSekRntO4jdgXAScmQQRTkUz0hPc_H6qeeL4rjJuGznvIfebcv0_lhvNDM0E1TAJ3_lD4d7CmUh5lPNGCfG2%26sig%3DCg0ArKJSzINl6bz-hPNpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8475597%26adurl%3Dhttps%253A%252F%252Fwww.flyscoot.com%252Fen%253Forigin%253DSIN%2526utm_source%253Dgoogle%2526utm_medium%253Ddisplay%2526utm_campaign%253DSG-ALL_AODISPLAY_PRO%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f39007b08180f8c6d1d70ea5794bd19e567a9604773f16eba64b8ceeb22dc774

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 24 Oct 2023 22:20:24 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 609nthVWnnHbcDg5EZ4Nww==
age: 1368254
cf-polished: origSize=46017
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 09 Oct 2023 02:16:06 GMT
server: cloudflare
etag: W/"0x8DBC86DB2082C10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3aefe2e1-401e-0087-0d56-fa7e43000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 81b59b5f0b4c5fea-SIN

GET
H2 200 animated-creative.10208ebc70975a84c804.js Show response
c.bannerflow.net/scripts/ Frame E2D9 156 KB
53 KB 17ms
15ms Script
application/javascript 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.10208ebc70975a84c804.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64e6bb24793ab101a1840ac8?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsveBW1Kl-VsHmbf_HxKFDmsjMy8q4uhmuImGheQjMBeYou1OD7NdygWLJvob7mb1iHJOyro0D9EhtM3hkcKVUZyNVhnplpVLehSS_QaPLK4OIhaEcF-OoX2-6a6NWm3d_2vlcRXfd_W997IC0gFHJlVMtOhy9QZKgzHhGpSksqWsEohPBup3XIkI6GeqdKvF8XZQ59mjL6XKaYqDSTrSREX2DkM0sttiHGHJVLCmFluJIlruJ9IxWvWVOfZOs8jhOePmxezsxmbYwHkCPYHiRKM3pb6pyAWv4V_NB9esKxJUDtEE0ZCa2aseHtSdXLZaMAh6WsDblsNURqGkwrLNQETkyEKxZJiey337RI0V436IK0RVZwXakhbjzo0ts6_YJC93oX5L-fpJcDfFo0rcdTqhlmnqqwodhMAnXfEK-NmA9BOm15JxFKDGGSbtSdQKR07-W2PiKqPyrVwVptW0r6-MXZc1sVF8REIJ_mlzo1mXv5cXjqcTj43GJYac0-VWF2Tb5CW6eS2bmr216RgitGh4A-uCbyljc52NrWnvNUwe73wptVDCvT1reP-Hbd9kRO_QdxlRTuC30iyUiRt8aBx4tBraNnr9lJuMG90c0ZVo5-sy4XcHrB-tY5MPz_t62BVBwUaMy4NFNs_Z6Xeen6UIQtc9jwDBIH765fXhLfD615ABMpfcum6SBpy1uXZrJlQdTVDNtwX-CQErzG_obXTMlqfzdRO4i50LisKTzHISuckPwBj90L-2raQF6Fp7zIQHmhbyXRwLq7jadoSA-jeAyiXMQyoIZDOIWo0HQ3cFCdJuFTJcRNoSnanTjN8W9YDFQlKb5_xWFf7fXAkXJnpNxZwANeHCh9YeNtOrPDqDpbLPeobejRdNazOWHbH56oe0L3CO7LVtvrRVNtoKVbKyTciQxQMxrmPfZhZO63t0My5H2K1lLYXp_Yut665frV9yP9AQZefES5sgnDnRFfbpaaE9Tlso1_6a-P6O7cNSTU7-bhE7Q8nF9MGw4DVu73mW4QlhS3O_DkDf0gW-UMoCgaQaEdSSIimmI2_jFnSAB888VnmXKGHJZYGIh90AORPTaapturJ7_DgkfdKcLyiUnMJlQpzzT3dQpw_KKUyCFLOzm_fyY7EzcoptnnfSUtDCgpEBc2wW_SrA1x9yiSbP_13lBjUx0CwIfEmtJltn6MUIYAwDyMwRZXl4qDQLm7WzKo4-X_6WcwziUmZomlgjOmokR1ktxY8cD2-NPM4r42nsV9UUNy0KOyWdrL7qL3YoZXrHfqsZikEoMOmSQdWTbo%26sai%3DAMfl-YRkLOuvwc-KXKLYKGNhY8Mh3HhUAK9Ck9nVvYbfJ4FQ-CzjUQC3xZthaQ1nb4X5N76o5yXSRCSSKw4cZroukKcBwxfk9OffjC_oCsHf9vszs3jOCP7M1EkzaO5L-W5SEId_YQ3tLiYN3xKac5RX4PmPfuV8kaz8sBj17FfG4OYRHCp1vi5vjyQqkSekRntO4jdgXAScmQQRTkUz0hPc_H6qeeL4rjJuGznvIfebcv0_lhvNDM0E1TAJ3_lD4d7CmUh5lPNGCfG2%26sig%3DCg0ArKJSzINl6bz-hPNpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8475597%26adurl%3Dhttps%253A%252F%252Fwww.flyscoot.com%252Fen%253Forigin%253DSIN%2526utm_source%253Dgoogle%2526utm_medium%253Ddisplay%2526utm_campaign%253DSG-ALL_AODISPLAY_PRO%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9a25950c9e02e6c14363a79a85f185edc44cdfda769a8d60c2c5783c98d425

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 24 Oct 2023 22:20:24 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: vVk2OXvh22MXnRgTAEdhIA==
age: 1771460
cf-polished: origSize=159653
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 09:18:08 GMT
server: cloudflare
etag: W/"0x8DBC4BAD2DFF352"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cbfff625-401e-0063-4aab-f670dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 81b59b5f0b4e5fea-SIN

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 938F 0
0 6ms
5ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231023&jk=3885881968441235&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EB4 39 KB
15 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 08:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Oct 2024 08:33:10 GMT

GET
DATA 200
OK truncated
/ Frame E2D9 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK b5ec1667-6147-4a66-896c-0d75737e23e7 Show response
https://s0.2mdn.net/ Frame 3A56 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/b5ec1667-6147-4a66-896c-0d75737e23e7
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.10208ebc70975a84c804.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame E2D9 3 KB
3 KB 25ms
14ms Font
font/woff 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F632966f1954b4b0b14574ecd%2Fc95f9395-c20d-415b-8f76-52704d2e9e88.woff&t=%20%21ACEHIKLMNOPRSTUVWY
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7383965533667852288/POSSGMaster-English-300x250-638284397881390605-d2b25437-763d-4571-a986-686da95a5d19.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d348590000bce30a2f75ac5756dceec6933488c5fd4d18fb8c8a22a4f529b1f

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Sep 2023 10:05:04 GMT
server: cloudflare
age: 2549721
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=c95f9395-c20d-415b-8f76-52704d2e9e88-subset.woff
cf-ray: 81b59b611fb84923-SIN
expires: Tue, 24 Sep 2024 10:05:04 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame E2D9 5 KB
5 KB 13ms
12ms Font
font/woff 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F632966f1954b4b0b14574ecd%2Fc141f045-054f-4670-b225-a39761990209.woff&t=%20%2a%2C-.IKLOTabcdefghijklmnoprstuvwxy
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7383965533667852288/POSSGMaster-English-300x250-638284397881390605-d2b25437-763d-4571-a986-686da95a5d19.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d503e2872085436167931817c33c1647c5179ad66f38b47c43e03f83401bbc

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cf-cache-status: HIT
last-modified: Mon, 09 Oct 2023 02:16:12 GMT
server: cloudflare
age: 1368253
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=c141f045-054f-4670-b225-a39761990209-subset.woff
cf-ray: 81b59b61d8724923-SIN
expires: Tue, 08 Oct 2024 02:16:12 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3DE 0
26 B 9ms
8ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqzHlJ0M4ZcPBBuSS9fwPlpCE4AcAAAAAOAHgBAI&bg=!gIOlg8zNAAao7_3LiO87ADQBe5WfOHNB69rNJauvxaqnPgGXcnb1aSZ6ZEExv-jwvZiwuWbhN7zhYlOc_fu1ZD4HhUZIAgAAAaJSAAAABGgBB5kDAljHcmLS6PwuSxI3_wM4nZZQFCxMTuzYctrRrZMPi2J4mcffip5EEr2xoLzCSybAEX73ZiY6ODw7GnUGj_1sbuhyQdoML-mNwwzjb4Mej2KBBFg6YuagDzUBbs1vK1y0a7s6DRhj3MS73W2DykuHoEmjO3XAvSiqnp3-sb_3byLLEjQ3mdpb1CqWz5xlfwLKaEGguAjYrbiqRrJ5pb2GRV8l-BfaBQcw2CthHr_MFCACG5-M_eszgTCL0h5aUtZMh-vVQoHVhceMZiHmCBx3hw_g3GqbwQJNUcVYjsSxPG2Gscg7z7YeV2FlQ5IPHqQjygfoXQeOen5gdGV1zEA3bFh1pnvptOoKcAIQKVLWgY5A45s0YdruzvIraAP9yhTYe-NA3zJBUcIkFcpz1RfBPUfdf_QMgRS4yLPFWqAjNqE5CYQwS-WTytQ5dFM8fLcVru9DGDxHSkVZn_Y8sTkmmO2EeBpeoqQCCp_QwnJ2J3oCg-Wpvcuq0T8NBPiMoLCV-2nH6cx0mscYO7od6kpeSA_YW82pi-Rn_UkRwhmbLvwWn-Dpd66CunGQ2kLSjDd0_bBc6YR_DS5Tbv-tIwRl0BHGu3UGvMEhOvyBid8XtbmmSzwRTD8aQKAaNe6BugXjs1h2OybuTnfVv8UihWxZY3jEn0-4uscsfNk5FRbE6emDZcT3dzp95WSzE3TG712AZmx5sS0X_bPk0roCyFJ-k0v663GQ9uH-PokAcaRIJQXE-KswMz3ZEZRI6YxjdxT24k_3tXYsSvIZSARjaZLvqMrQs4NPMI_sj9FlxLl3RncEFE_qZhuPUMO2FBtUhkJ-Hn04ps3e2CwK3WMDyadfgkoszwEsLk0rVC6Ab4nEHfnp2LunR5KoKVxNCW4gokeUmpYtd5VD-UzlI7qu_EoBddmzDPNPcPtRKOGkmTTWjaTlGOFtcKEctdS-vYpKddIvrEK1WdgLtCgmzKm0eTMXmL4dv1CKLUl8924P8Q-9xp6Nzmy9MVGwPXgYk6Vg9y8LFGEX

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7CAC 42 B
64 B 12ms
11ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk8lJXqfukZDuyWVX6diztOHsVQ-PEwn7WIJOnrqx5Z2EX7A1_7GqA8PGGvivIO3lwf3UN5fNHc_IImlFohbgI1OqpqgW9OZu8RX7NHqRV9p_uFN8VcMWrU7VsU1Qi&sai=AMfl-YQVSFehtrF232MG19BDqRQyvrbANbsRLty5l91JkSw27GlFC2Vrh5d3sALb1XDWjesvpKnh48ShLQ1J-adhm_qpnaIoa5ctE3ssWVZ-JI1qXFRPn4DT_Bz6c94&sig=Cg0ArKJSzI_mxA_ioxvYEAE&cid=CAQSOwDICaaN9eAfeAG-5AM_WPJeQwa8ZUjj2L4PJubVUlsglNBW0IRdkVm_MFqooMkjij0P7tDughq11FCoGAE&id=lidar2&mcvt=1015&p=290,497,890,797&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1535702786&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698186023676&rpt=549&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame E2D9 2 KB
3 KB 11ms
10ms Font
font/woff 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F632966f1954b4b0b14574ecd%2F1e154f96-ab23-47eb-8011-7ce3b3fa383f.woff&t=%20%24%2aBknow
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7383965533667852288/POSSGMaster-English-300x250-638284397881390605-d2b25437-763d-4571-a986-686da95a5d19.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ccf7f5798f805ebf591a4bb832b7cd32772ea79104aaf76852b4096b3cf9ec5

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 04:25:42 GMT
server: cloudflare
age: 12246883
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=1e154f96-ab23-47eb-8011-7ce3b3fa383f-subset.woff
cf-ray: 81b59b6208844923-SIN
expires: Tue, 04 Jun 2024 04:25:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0EB4 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?l6R1xg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame E2D9 2 KB
3 KB 13ms
13ms Font
font/woff 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F632966f1954b4b0b14574ecd%2F37d0bca7-4ac2-476b-bdcc-dea7d71f0078.woff&t=012378
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7383965533667852288/POSSGMaster-English-300x250-638284397881390605-d2b25437-763d-4571-a986-686da95a5d19.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 41cda0470e845624f9ab5d24866543b5f2d453aeed8b2f6d64e16fd7f482ac8a

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cf-cache-status: HIT
last-modified: Mon, 09 Oct 2023 02:16:14 GMT
server: cloudflare
age: 1368251
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=37d0bca7-4ac2-476b-bdcc-dea7d71f0078-subset.woff
cf-ray: 81b59b6238a04923-SIN
expires: Tue, 08 Oct 2024 02:16:14 GMT

GET
H2 200 a0874122-b553-4f48-899e-38528c15fbcd.svg
c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/ Frame 8C8F 2 KB
1 KB 17ms
12ms Image
image/svg+xml 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/a0874122-b553-4f48-899e-38528c15fbcd.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 505eda6efd27349b7abb2d8d71f97fb64b5d4a22d8db2875ee3eab19af7e7be8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 24 Oct 2023 22:20:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 3rKixwZLpgaWrvt56wV6Cg==
age: 5514
x-ms-lease-status: unlocked
last-modified: Tue, 06 Dec 2022 02:29:05 GMT
server: cloudflare
etag: W/"0x8DAD731A57FF341"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e9edf818-d01e-003c-6e1c-f1c4e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81b59b628d795fea-SIN

GET
H2 200 50653770-a87e-4712-b59c-026b6869619e.svg
c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/ Frame 8C8F 10 KB
3 KB 14ms
8ms Image
image/svg+xml 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/50653770-a87e-4712-b59c-026b6869619e.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a50324b99bb380aa7fd3352a960f51771664957c97821b9bca8925f2246d7ce9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 24 Oct 2023 22:20:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DBRPLYQHjN+K2dpMYtKGRA==
age: 5405
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 06:21:44 GMT
server: cloudflare
etag: W/"0x8DB15663C6A0815"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d311fd9c-701e-001a-751c-f18cf9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81b59b628d7a5fea-SIN

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 8C8F 8 KB
8 KB 18ms
12ms Image
image/webp 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ffly-scoot%2F63296c73e2659d3a1f761374%2Fimages%2F7d991503-343b-4064-9797-fc5f54af92f7.jpg&w=96&h=126&q=99&f=webp&rt=cover&x1=331&y1=0&x2=844&y2=673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e167e3cdaada54c05f3e52a1f1a5f131cbb76eb228488292629adea95464b519

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 02:26:37 GMT
api-supported-versions: 2.0
server: cloudflare
age: 71628
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 81b59b628d7b5fea-SIN
content-length: 8322
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 8C8F 6 KB
6 KB 30ms
25ms Image
image/webp 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ffly-scoot%2F63296c73e2659d3a1f761374%2Fimages%2Fb8a6d26e-f539-4fd8-84c8-0398fc87dc02.jpg&w=96&h=126&q=99&f=webp&rt=cover&x1=376&y1=0&x2=912&y2=703
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f71f9bedfb4cefcaf5fd6f6ef6c17afc518587e885dd6f90d6a54607773058a9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 07:28:26 GMT
api-supported-versions: 2.0
server: cloudflare
age: 53519
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 81b59b628d7c5fea-SIN
content-length: 5850
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 8C8F 5 KB
6 KB 17ms
11ms Image
image/webp 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ffly-scoot%2F63296c73e2659d3a1f761374%2Fimages%2Fbcb496f7-3bc4-4e19-8703-fc17af054d69.jpg&w=96&h=126&q=99&f=webp&rt=cover&x1=3783&y1=0&x2=6937&y2=4140
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 98df4e4ef7e62d0153ffed3d9f45d30e37855ffe31e0ab0a56642d15be6e02d9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 02:31:25 GMT
api-supported-versions: 2.0
server: cloudflare
age: 71340
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 81b59b628d7d5fea-SIN
content-length: 5498
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 8a27b748-6608-4c0d-bd94-c27b5753d7b4.svg
c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/ Frame 8C8F 4 KB
2 KB 15ms
10ms Image
image/svg+xml 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/8a27b748-6608-4c0d-bd94-c27b5753d7b4.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 273f93cf3ec5f88d72e6273b7bf03f4a19f5798199b20ba760726aff51bc35bd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 24 Oct 2023 22:20:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: wsbY6ve3hL47yY65h+Vksg==
age: 5398
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 06:09:04 GMT
server: cloudflare
etag: W/"0x8DB1564776CA206"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2ab2247f-e01e-0055-051c-f1fdad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81b59b628d7e5fea-SIN

GET
H2 200 2c96528d-d36c-4c69-a74d-c6c0e5356566.svg
c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/ Frame 8C8F 48 KB
17 KB 20ms
15ms Image
image/svg+xml 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/2c96528d-d36c-4c69-a74d-c6c0e5356566.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d10fb692d49490421d5ec9186cdb6a7fea3d6cffbb8cfa051c587eefa5125be

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 24 Oct 2023 22:20:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DnJm2/bkTJpknfTQmZzdVA==
age: 5341
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jun 2023 03:46:12 GMT
server: cloudflare
etag: W/"0x8DB6D530FF6CB36"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5aba80e7-501e-009b-71a5-ea2c23000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81b59b628d805fea-SIN

GET
H2 200 9d8c1e8e-5d88-4794-8c5a-e903dc0cf286.svg
c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/ Frame 8C8F 961 B
705 B 19ms
14ms Image
image/svg+xml 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/9d8c1e8e-5d88-4794-8c5a-e903dc0cf286.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 407cf30399b36de75f78c7c1448a93b7b35d53515c3cc5d8ec1af64e60827f7e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 24 Oct 2023 22:20:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: PfxWXfDVqzWJYLgbUO0BMQ==
age: 5284
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 03:32:57 GMT
server: cloudflare
etag: W/"0x8DB30064A5572BC"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a72ad6c5-f01e-0014-3949-eaa549000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81b59b628d815fea-SIN

GET
H2 200 44218fe8-f91c-4d6d-b21f-4b0a23334a4c.svg
c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/ Frame 8C8F 1002 B
764 B 18ms
13ms Image
image/svg+xml 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/fly-scoot/63296c73e2659d3a1f761374/images/44218fe8-f91c-4d6d-b21f-4b0a23334a4c.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d414082a9794c9db233ce21079b515dfcbe5b51083b3653c63f9b27f02741d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 24 Oct 2023 22:20:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: lWn51sVfkIpcjHq5INjuAA==
age: 5284
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 03:32:57 GMT
server: cloudflare
etag: W/"0x8DB30064A5AC989"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6a833b9c-f01e-0082-5749-eaac98000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81b59b628d825fea-SIN

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame E2D9 0
80 B 16ms
15ms Ping
text/plain 2606:4700::6811:c96e

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64e6bb24793ab101a1840ac8?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsveBW1Kl-VsHmbf_HxKFDmsjMy8q4uhmuImGheQjMBeYou1OD7NdygWLJvob7mb1iHJOyro0D9EhtM3hkcKVUZyNVhnplpVLehSS_QaPLK4OIhaEcF-OoX2-6a6NWm3d_2vlcRXfd_W997IC0gFHJlVMtOhy9QZKgzHhGpSksqWsEohPBup3XIkI6GeqdKvF8XZQ59mjL6XKaYqDSTrSREX2DkM0sttiHGHJVLCmFluJIlruJ9IxWvWVOfZOs8jhOePmxezsxmbYwHkCPYHiRKM3pb6pyAWv4V_NB9esKxJUDtEE0ZCa2aseHtSdXLZaMAh6WsDblsNURqGkwrLNQETkyEKxZJiey337RI0V436IK0RVZwXakhbjzo0ts6_YJC93oX5L-fpJcDfFo0rcdTqhlmnqqwodhMAnXfEK-NmA9BOm15JxFKDGGSbtSdQKR07-W2PiKqPyrVwVptW0r6-MXZc1sVF8REIJ_mlzo1mXv5cXjqcTj43GJYac0-VWF2Tb5CW6eS2bmr216RgitGh4A-uCbyljc52NrWnvNUwe73wptVDCvT1reP-Hbd9kRO_QdxlRTuC30iyUiRt8aBx4tBraNnr9lJuMG90c0ZVo5-sy4XcHrB-tY5MPz_t62BVBwUaMy4NFNs_Z6Xeen6UIQtc9jwDBIH765fXhLfD615ABMpfcum6SBpy1uXZrJlQdTVDNtwX-CQErzG_obXTMlqfzdRO4i50LisKTzHISuckPwBj90L-2raQF6Fp7zIQHmhbyXRwLq7jadoSA-jeAyiXMQyoIZDOIWo0HQ3cFCdJuFTJcRNoSnanTjN8W9YDFQlKb5_xWFf7fXAkXJnpNxZwANeHCh9YeNtOrPDqDpbLPeobejRdNazOWHbH56oe0L3CO7LVtvrRVNtoKVbKyTciQxQMxrmPfZhZO63t0My5H2K1lLYXp_Yut665frV9yP9AQZefES5sgnDnRFfbpaaE9Tlso1_6a-P6O7cNSTU7-bhE7Q8nF9MGw4DVu73mW4QlhS3O_DkDf0gW-UMoCgaQaEdSSIimmI2_jFnSAB888VnmXKGHJZYGIh90AORPTaapturJ7_DgkfdKcLyiUnMJlQpzzT3dQpw_KKUyCFLOzm_fyY7EzcoptnnfSUtDCgpEBc2wW_SrA1x9yiSbP_13lBjUx0CwIfEmtJltn6MUIYAwDyMwRZXl4qDQLm7WzKo4-X_6WcwziUmZomlgjOmokR1ktxY8cD2-NPM4r42nsV9UUNy0KOyWdrL7qL3YoZXrHfqsZikEoMOmSQdWTbo%26sai%3DAMfl-YRkLOuvwc-KXKLYKGNhY8Mh3HhUAK9Ck9nVvYbfJ4FQ-CzjUQC3xZthaQ1nb4X5N76o5yXSRCSSKw4cZroukKcBwxfk9OffjC_oCsHf9vszs3jOCP7M1EkzaO5L-W5SEId_YQ3tLiYN3xKac5RX4PmPfuV8kaz8sBj17FfG4OYRHCp1vi5vjyQqkSekRntO4jdgXAScmQQRTkUz0hPc_H6qeeL4rjJuGznvIfebcv0_lhvNDM0E1TAJ3_lD4d7CmUh5lPNGCfG2%26sig%3DCg0ArKJSzINl6bz-hPNpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8475597%26adurl%3Dhttps%253A%252F%252Fwww.flyscoot.com%252Fen%253Forigin%253DSIN%2526utm_source%253Dgoogle%2526utm_medium%253Ddisplay%2526utm_campaign%253DSG-ALL_AODISPLAY_PRO%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 24 Oct 2023 22:20:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81b59b62ddb05fea-SIN
content-length: 0
request-context: appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2D34 42 B
70 B 15ms
14ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKRb-DUP-3mnYvl02rHj5HRlEP5YpKlIRN4Yugez0frHDSgaK1_bXRiygmU8xZSSW5bbhc0uYOLnrlz0grqun0XGaMlmaL83LGPgkeD9iYjxuim91RdNv_1K6kKZfp9GFAMwcmmAqvy5-rs--xDYNdCV5Rwg852UU5qXVWWYzqP9CMpsQLeVmn1g_teNDaqiROyqI3w1oaG65Ur1Ywg_Daf_CBGU10h0_dV2NBo35cIyC1_sbNDT0U93DqMlmyMj-IyytZN3YanxEDkoV0FOOxknVqYZvMXBaH6LqIORLmGPPofX49dpq6-o8-uHY3atYyPCyt0uifKefx3B7Kas3xYzgXc-jZ8qJ9UyGYprmVKf9XGoYER4lXauyny8EkSYSuG1k-FkbD_1WEZx33yd7wel4zdVysTkJf0he4LiyP5Pc0j6i5P1sDbd7Igs16QUweCdyVvu8QemOZ_1WmcJKeRofP5quO-rbRrisCoz3azSmS0fTf1ObOW-9Fd8MiY0z9RrWqER_MTrIM3ZJrkmkXiWBfP55jMNhE_63sM3uxQqKGGEpJfO9lOJeWpo51cFmHuqFctpQJCSLK5C8JZT0lo8RtPGQBr-3NPt9VMeWM0NeQxDfmDjPFCSumukgr2nwTSPPs6IjryWAGkGjFuW6kgdOsvv8eMHW9JXh1fBH8-C8fs8T0IynENJHON1fHimg9e0Yr00lCDIzXQagTTjXnWbwKNA4rb2NY8rieQm04brwhkOA3j6f2ScymAD7-RJphbuRkSc9l2Je3uR1Y1Tj578pKJ9ENO168pM9b23i46_IarWuZPa2zX40NS7dnzIZQv9wA5h44KMTtf4Ztwt2SDDUmBlVDMSnBX-BD2uA6B8AEIxM-Quru38Q75Xop-uJdYWfOfrk4OhR4D74zj9RWQjtdULNzEvDEM5m3Q1FWBBxuCYRpBOSHMW1PPtW8Fj0fp8dB2VgVDTJL3uSSzjmQC-YPkrrRIqVdeGVwqL_gbEpuPsnyTODi8v-E4jJ_ASEa0-13Z4Nb7IImu0OqZvEdOZjYeJueXVImKx2LH4FznPb62pxEUB8rBgXj7pbhdRve2K-i6GuHm3usLMYMTsoFqhGRERoA5ZHab3rh-NdMQCCPecWYw01K0ywVl9QLnj70aHS5on8yDsj8dvgzTdIBRVAuoISoNzw2rye2uU6jF5rSjqspK965EEKUOxa8D2T_Dj6l5IQzO62YT1rp4_5WeDJhWmfj_eQH6Da3hnNs5oQQQracf-q3ntxsAlVKfno5dNmK5y0g4H57q9d6L7gbYyPAmWRzJxJQylCaaY_KqLbRG3SVM7vHioH4t3RGByR6y56clF5sJX7emrAarsvEQFYEJN8zUV_Ik5AIPqtmx2nAhYSctYWEOY_G16YQdDG9b7EhppTqJvVi_h0LymizCa3FFQkd0H9V28BKmi5Q9f4L0NnyI6aMy__QwrN8fHZOZ9w2qGk8AmV1lhBnzY6y0Co&sai=AMfl-YTwCfw7fSeIxL0EOC3tXF6yrFO7nXSRVMWf84eTnt-Ir9WwmwT4Tt_TnOh6SkBCDzEimQ-W3bcyqRshztmMLQNpEoDy57ry11I-tUozIs1DWo2bkIu_6kvxY2S93kuSkbtURfdYZvZ5&sig=Cg0ArKJSzBHJQy2izV_wEAE&cid=CAQSOwDICaaN-bDqkpmRhuVKmxLNqWOO3DQLCzfW7ODWWXceo0jXaUR3Fs8pjFgBc2un46EtZq1dmkHOrGqkGAE&id=ampim&o=346,976&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=390&tls=1395&g=89.46466445922852&h=89.46466445922852&tt=1395&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 22:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 9ms
9ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231023&jk=3885881968441235&bg=!vb6lvvHNAAaMkNwkrJA7ADQBe5WfOND8vz-psiVwe6Gr1VSRAtsaSZjEJ2jouS6_ooaFRJpr0VHSSHB3zqkKovehnQu8AgAAAW9SAAAABGgBBwoApNyMLaLyVFRTlJyB_TqoI-QkWGkEWon857HSXmDSxAARd3R1k021sWeGqyRCFjyobNnPiTVMvrTlCHAMleV-R3ZyVKoIh4LGwMLdmhRDSIxUfESQtmlnVbSQO2bGTp4FSA83saByOAKHbXRU2nWX6t4OZl2whJDYn2ulcawwQmZbVduP88dxeTSNCPuyXmAELEzOgKRqxTrGgMAfYSkkO0p5H5EzmQKvHTvL5Hlgfm90K5r4xt7lWCMDIQjdJz3xDOG775374WFwnpHKv8GukKWNQ8UR32HUkScOurM91AhOv-Kq6Y9CI9JjxCx-YL-nCeN91f5xIxzISDyBSbZe5ikbgHhENTJ6SuKtGF34_iC3uudXiYzIkeqo3p-QaVAECWcaZDbY15sz6GNFAaZQCglP-3tj7VJ3P5q5BvPfiArF-4M_kl6lHRkXcj_fvrh9W65bsUyGSLsT4qcucXphauYLzBp4-9cEev4LgsPu1S5Q4F-5vm3dTq6hCuJUOReSApz_WXi8F95assOA3V37XH0OyyLN-Q83DbsEhpakBoANVJuXrmtIyfbfYFWPRXhKnu7nL4ic-iIAd6xraikK6ynUMrT5I4ahtxxwkmioMk9_grEpE4d5TDuu8Gjv8q5OnKn0ZXzDvrUZWxRKPsC0bL1QTI1sw_WDFStq47gKfJw4Lgh73lLWlTmEAPIBs9Yt0lIxAlr8fV7Pivf2GTRbbQ_P6IfpTqXv1Et3RtFz06s07nL_mnEi3ABC-Hgp_j4P07E0dXFMuDsma0VI7SuJrjeEx0xBNkRbFHbxWjLOEshMZaoKRndXe1C4Imse1GCSYZVqoqOQuW_b-ud8VTQPAXN0eseJA-V3CViVxHbrSbEZfJ3xtu0BDdm3cLwxLjUjgaOLDZc0DAlgr11foz37rkoBkfJN2ELyltvOKQ_bEcmdrpCtjF8-jirWA265A-ld8GM-3aHO7YjT1waRzcikS06GJm9GDm8pyt3NR7LGyMEzm-3JiCBP6CvBAwkXVz1Xw4A46xROufQGfYJ5nre9ma8VgiQftMp-wDqmxLBV__Co4lUl1GxPY-r-WVNMe3LxhIxuXzgzoC0v4bLvQ4IeJkVCe_3nUcZdzNoVkqRryZV8Bt9zvPDP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dulichkhanhhoa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dulichkhanhhoa.net/	1970-01-21 01:19:06	Name: _ga_7KNQJ25KES Value: GS1.1.1698186021.1.0.1698186021.60.0.0
.dulichkhanhhoa.net/	1970-01-21 00:28:42	Name: FCNEC Value: %5Bnull%2Cnull%2C%5B%5B5%2C%22999%22%5D%5D%5D
.dulichkhanhhoa.net/	1970-01-21 01:19:06	Name: _ga Value: GA1.2.841601102.1698186021
.dulichkhanhhoa.net/	1970-01-20 15:44:32	Name: _gid Value: GA1.2.2002704.1698186021
.dulichkhanhhoa.net/	1970-01-20 15:43:06	Name: _gat_gtag_UA_159561376_1 Value: 1
.dulichkhanhhoa.net/	1970-01-21 01:04:42	Name: __gads Value: ID=314dd490cb5f1542-227382c87a8000e1:T=1698186021:RT=1698186021:S=ALNI_MY2kVkZufhMKpSbmyq2ESkAIalNog
.dulichkhanhhoa.net/	1970-01-21 01:04:42	Name: __gpi Value: UID=00000d9c510875e0:T=1698186021:RT=1698186021:S=ALNI_Ma5RLq5rG_ZFywim3CsNIJORxFDVA
.adnxs.com/	1970-01-20 17:52:42	Name: uuid2 Value: 5347701101720314768
.casalemedia.com/	1970-01-20 17:52:42	Name: CMPS Value: 4730
.casalemedia.com/	1970-01-21 00:28:42	Name: CMID Value: ZThDJrVnKK.16PSWaTZH5gAA
.casalemedia.com/	1970-01-20 17:52:42	Name: CMPRO Value: 4730
.doubleclick.net/	1970-01-20 20:02:18	Name: APC Value: AfxxVi4v8h0jrS1t-CrshXm3WIILigeDEhsD5N8lWASKeD9ve8On3Q
.media.net/	1970-01-21 00:28:42	Name: visitor-id Value: 3411876228094241000V10
.yahoo.com/	1970-01-21 00:29:03	Name: A3 Value: d=AQABBCZDOGUCENmb3yZyb3gHVqq5seEC6GYFEgEBAQGUOWVCZQAAAAAA_eMAAA&S=AQAAAvg_vP5r7dsklilUyiOs7mc
.adsrvr.org/	1970-01-21 00:30:08	Name: TDID Value: a0bdc4f8-89ca-4b92-be5d-f1498cd8e41c
.openx.net/	1970-01-21 00:28:42	Name: i Value: 0bd059cd-92a6-42e6-a4b5-b8006853fce4%7C1698186022
.pubmatic.com/	1970-01-20 15:44:32	Name: KTPCACOOKIE Value: YES
.adsrvr.org/	1970-01-21 00:30:08	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI7KzWpq66qjwQBRgFIAEoAjILCK6pzNPEuqo8EAU4AQ..
.fout.jp/	1970-01-21 01:19:06	Name: uid Value: GZwczMWW_Et4CcH9-nzi_iIHq_M
.pubmatic.com/	1970-01-21 00:28:42	Name: KADUSERCOOKIE Value: 66568131-F255-4EA0-96AD-F85E734F2902
.bidswitch.net/	1970-01-21 00:28:42	Name: tuuid Value: f7e7d00c-2fb2-43ae-8841-80cb94072506
.bidswitch.net/	1970-01-21 00:28:42	Name: c Value: 1698186022
.bidswitch.net/	1970-01-21 00:28:42	Name: tuuid_lu Value: 1698186022
.linkedin.com/	1970-01-21 00:28:42	Name: bcookie Value: "v=2&2eb73dbb-090a-4ed2-8466-0adc3cc086df"
.linkedin.com/	1970-01-20 15:44:32	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2856:u=1:x=1:i=1698186022:t=1698272422:v=2:sig=AQEUpcxce3Aj_jwomDnVoC8RclTgArsE"
.uncn.jp/	1970-01-21 00:28:42	Name: t Value: v_6685d662-59c5-4964-a9df-2865108de782
.socdm.com/	1970-01-21 01:19:06	Name: SOC Value: ZThDJsCo8YEAAI3TX3MAAAAA
.sportradarserving.com/	1970-01-21 00:28:42	Name: zuuid Value: ca6664cd-d4c8-455b-a1f7-3564e6b6f252
.sportradarserving.com/	1970-01-21 00:28:42	Name: c Value: 1698186023
.sportradarserving.com/	1970-01-21 00:28:42	Name: zuuid_lu Value: 1698186023
.3lift.com/	1970-01-20 17:52:42	Name: tluid Value: 247582339853794251176
.media.net/	1970-01-20 16:03:15	Name: data-g Value: CAESEMe6Yey6wRwTp0Q4opAIs_U~~3
.adnxs.com/	1970-01-20 17:52:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>xpOrhb!A#G'.TOKKnyW<U1`VROYQM-:Ccf=>A1]N+C>My*:^N%7EWy'm^Kb5/`^LFi/X%W#.wL4W1Qw1T5EWxi
.fksnk.com/	1970-01-20 15:44:32	Name: g_001 Value: 1
fksnk.com/	1970-01-20 15:53:10	Name: AWSALBCORS Value: KZxXfy/ZW2ktBAIBNcUChLn2xIV3wPuHUG0BYiEshbmdn9JTxAL7SB1DY1nKhwY7OtL9LDdzjyy4hLzF/APTk0J0wcV+4PSnLd5jpYTzZBUMU2GXToqRkfd9pWSW
.fksnk.com/	1970-01-20 17:52:42	Name: f_001 Value: 1230E85CB9C20C65
.socdm.com/	1970-01-21 01:19:06	Name: SOSYNC Value: anNvbjp7ImdkbiI6MTY5ODE4NjAyM30
.sportradarserving.com/	1970-01-21 00:28:42	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 00:28:42	Name: zuuid_k_lu Value: 1698186023
.everesttech.net/	1970-01-21 00:28:42	Name: everest_g_v2 Value: g_surferid~ZThDJwAaQQNpGgAN
.smaato.net/	1970-01-20 16:13:20	Name: SCM Value: 3b5a4c90e3
.smaato.net/	1970-01-20 16:13:20	Name: SCMaps Value: 3b5a4c90e3
.mediago.io/	1970-01-21 00:28:42	Name: __mguid_ Value: afe098ab4582d7561i7aaz00lo4w41lh
.dotomi.com/	1970-01-20 15:43:06	Name: DotomiTest Value: 7e0f706b44a31fb1
.doubleclick.net/	1970-01-21 01:19:06	Name: IDE Value: AHWqTUmSjmUbf7wt7Y0QMLCJWy2rtA-qzsfTQc_UV40867-gf4LnishLwEnY3GfDzKo
.yandex.ru/	1970-01-21 01:19:06	Name: yuidss Value: 8059873071698186023
.yandex.ru/	1970-01-21 01:19:06	Name: yandexuid Value: 8059873071698186023
.pangle-ads.com/	1970-01-21 01:04:42	Name: _pangle Value: 2XEEpnTKs6v4n3ApucXVIV9hjW2
.r-ad.ne.jp/	1970-01-20 20:02:18	Name: r_ad_token Value: 570MKN00dBDHN006oh1S

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://dulichkhanhhoa.net/(Line 1410) Message: Mixed Content: The page at 'https://dulichkhanhhoa.net/' was loaded over HTTPS, but requested an insecure element 'http://dulichkhanhhoa.net/wp-content/uploads/2022/01/maldives-island-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dulichkhanhhoa.net/(Line 1465) Message: Mixed Content: The page at 'https://dulichkhanhhoa.net/' was loaded over HTTPS, but requested an insecure element 'http://dulichkhanhhoa.net/wp-content/uploads/2022/02/verify.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dulichkhanhhoa.net/(Line 3095) Message: Mixed Content: The page at 'https://dulichkhanhhoa.net/' was loaded over HTTPS, but requested an insecure element 'http://dulichkhanhhoa.net/wp-content/uploads/2022/02/button_please-wait.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dulichkhanhhoa.net/(Line 3095) Message: Mixed Content: The page at 'https://dulichkhanhhoa.net/' was loaded over HTTPS, but requested an insecure element 'http://dulichkhanhhoa.net/wp-content/uploads/2022/02/button_ge-lik.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dulichkhanhhoa.net/ Message: Mixed Content: The page at 'https://dulichkhanhhoa.net/' was loaded over HTTPS, but requested an insecure element 'http://dulichkhanhhoa.net/wp-content/uploads/2022/02/verify.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dulichkhanhhoa.net/ Message: Mixed Content: The page at 'https://dulichkhanhhoa.net/' was loaded over HTTPS, but requested an insecure element 'http://dulichkhanhhoa.net/wp-content/uploads/2022/02/button_please-wait.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dulichkhanhhoa.net/ Message: Mixed Content: The page at 'https://dulichkhanhhoa.net/' was loaded over HTTPS, but requested an insecure element 'http://dulichkhanhhoa.net/wp-content/uploads/2022/02/button_ge-lik.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.svtrd.com
ad.turn.com
an.yandex.ru
analytics.google.com
analytics.pangle-ads.com
b1sync.zemanta.com
b92faf52dcb5a3491d25b56402043559.safeframe.googlesyndication.com
c.bannerflow.net
cdn.ampproject.org
cdn.jsdelivr.net
cm.g.doubleclick.net
code.createjs.com
contextual.media.net
cs.chocolateplatform.com
cs.media.net
cs.r-ad.ne.jp
csync.loopme.me
dclk-match.dotomi.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
dulichkhanhhoa.net
eb2.3lift.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
ib.adnxs.com
im.bluevoox.com
image6.pubmatic.com
images.dmca.com
lg3.media.net
match.adsrvr.org
member.profitsfly.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.fout.jp
sync.gonet-ads.com
sync.outbrain.com
sync.srv.stackadapt.com
tg.socdm.com
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
v9999.adv.admeme.net
warp.media.net
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
y.one.impact-ad.jp
103.43.90.21
104.18.27.193
124.146.153.152
124.146.153.168
13.33.88.9
15.235.140.15
151.101.130.49
159.203.145.121
172.217.194.156
174.137.133.49
18.176.234.133
18.179.81.157
18.210.207.90
184.51.96.30
188.42.105.236
2001:4860:4802:36::181
2001:df2:a300:bbbb::135
202.232.238.37
207.65.33.83
23.36.252.26
23.36.48.24
23.52.171.89
2400:52e0:1500::868:1
2403:e800:e80b::2a63:8c9b
2404:6800:4003:c00::68
2404:6800:4003:c00::94
2404:6800:4003:c00::9c
2404:6800:4003:c03::84
2404:6800:4003:c03::9c
2404:6800:4003:c04::5f
2404:6800:4003:c04::65
2404:6800:4003:c04::84
2404:6800:4003:c05::5e
2404:6800:4003:c05::61
2404:6800:4003:c05::9a
2404:6800:4003:c06::9c
2404:6800:4003:c1a::5e
2404:6800:4003:c1a::66
2404:6800:4003:c1c::9a
2406:da18:929:5a03:8b8b:f38a:5939:37bc
2600:9000:223b:5e00:1b:5138:8a40:93a1
2606:4700:3032::ac43:825e
2606:4700::6811:c96e
2620:1ec:21::14
2a02:6b8::90
2a02:fa8:c411:12::1080
2a04:4e42:200::485
35.186.253.211
35.208.249.213
35.213.109.249
35.213.12.39
35.213.93.179
35.214.160.161
35.230.38.116
35.75.99.130
38.133.127.159
50.31.142.255
51.79.154.9
52.223.2.229
52.223.40.198
52.45.175.185
52.46.130.91
54.165.78.186
69.173.158.64
74.125.200.155
00383f2dcb90fd282ef7aa05a3ae9bc9b70f6080e3ebb4c1be84d9c7ac053d3a
00ac670d1defce326889e17d7a7abb6d748fa325c542293d1c625e01079133b4
0247c634a1f33aceb0c8a9f478a8660adfb2e2e9be7d9c11f9c136ca21ea4ec4
0611ff24713e9c7b9a28db7d4728673e7b64f3d0888a15ac57b4158a16d1aecb
07458368824c45ff647007f0f4c25c138977001a3aba5759e93ba2165ce9f55d
0814ceb83311ca54fa848a9a31915d46a05013536d38aa50abebb7cf223edf57
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd14d911a455bfc76bb4ef7335a841dea09ff57bd4a3de009fe29d9f964ec49
10948c06bb0ecf43f081d2b9dbd7767b5dd458e53c182ffa63d77bed9111bd61
14172a2dec0e55ff74d546606eeb513a5d9a057d76b190ce0d3d1b0b9df2c29c
1462f696a00b1bbbc052ea91624f21f3bcf697bbe2c0adcf88369d3870d4cd05
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17c53a77b42bd4e9ef0e0658c65bf453f720b5e7813ac4cb456bf2390431ac5a
17e59d7cbbff85ed15e13943b2836a366a6e4fa882cffd851409471bf4f2a301
1dbd18c0aa6071222d773de0ac1cde277406e857cf0b9c88cbf2035480857bba
1e39fae5bd620ed602612bf9204b25c37b0d02e24c40c81927d5bc648343118b
2137403e7d08fd8ee0532f68190543e3168e975c74e401c0b0811040b1240c0f
23658bf8e1ccd0a02680a7ebd6ac7672586f4d821e7058aeef9d04521eee7b9d
272fd7912b89eac2204126cd97d8aa6805febb9d85509e59da59ae4be2c4cdcb
273f93cf3ec5f88d72e6273b7bf03f4a19f5798199b20ba760726aff51bc35bd
296be36e260dedaaf7a6cadd800abc5bdfaf2873f8dfcef7f350862aae28c311
29aa29fd8bfc55fc437df429d8dacdd6010dc1adfd1ba7ed5472bd7dca880471
29d503e2872085436167931817c33c1647c5179ad66f38b47c43e03f83401bbc
2a5753ffd0c326b47245d5613e1ebc7b6d20591dfb4235f6166697fb1353c165
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b83e82fe2093787ba52a12613cacd40dc62b25d6ed99ee1c8bb1563282af528
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d442646b87282c9572148a2886f7da47fb0292b18e8bd547193de54e3bb6c07
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f26017c206668e9c6d321d31e0f139d4c6f9ee5579242ed47aeaa4a8c00cb59
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
37cb1b4d177bfd8d6768a4e3a85e0c4d00a37dc917fa4872c80de254eb038c0a
3c40eb5c60bea9ada809fe128bd412bc44eb7b70407ef0c25428b4147a655c4c
3d10fb692d49490421d5ec9186cdb6a7fea3d6cffbb8cfa051c587eefa5125be
3d3709f0b3c56713e100405243fa3a75a67b9de7421785828af916e5ba9f9b0c
3e2b2e38bc3cc5049cf9adc094ab2a562bc3999bf1b92d2a27885cfefcb17254
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
407cf30399b36de75f78c7c1448a93b7b35d53515c3cc5d8ec1af64e60827f7e
40f4e16b51f5b6d6486fadad53a0babffe112e4f806d93b6150d88423cdda4b2
41cda0470e845624f9ab5d24866543b5f2d453aeed8b2f6d64e16fd7f482ac8a
42b46b24a2ee476c97e71a347b6d3d738707d9b85dee0a0da536e9124f61b062
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4387eb7ea7f12940f0ae2ed520ffdb574db31458a27724db49fdedaa32d719fd
4464712ab7d00b27f4513d7540a3fa8324a089e5d7908b5dd4b7e72a484eb7ba
44d8986e61b7b212a93ba0c3a3a9c880420451d7efa7938d711dd03e655c0969
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1f3df3646c27bf2afe2e6ebe2a6fc0e3d3cc19bbebb265f205efd0e55f9136
4ccf7f5798f805ebf591a4bb832b7cd32772ea79104aaf76852b4096b3cf9ec5
4cfcfa8e803df7ad0f40497a37ecd20cee0b77c40dc975d9ad64fedcc0e39271
4f69fc7c16cfa6ca3af21eb6ab066af24cf45bc1b94ff472edf6f6eee2d7f66f
505eda6efd27349b7abb2d8d71f97fb64b5d4a22d8db2875ee3eab19af7e7be8
52e75fabae28cd071710de5578f42e7a146093ff7624d86ad841554610d2f473
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55459cf29f74fdff5af1f4ec8496f124835e87c45a1e0668fe9a981124bb2e4e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cdf94cf23e37c6556cbface103bb9eeab69a90453f832611a61682cbcb33fd
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
578ddb198d6fbfeed4796618ef6b60b1890fef4d77a83801d386c4d8b0b92190
5ba86813c2f8c836d52722a88a63de130aa006799e180ab3649adf02d1a4a0cc
5bcebd2ecd1d1dda57aeb2173c4221bcd69cc0a722ee2136269553f9e98cc433
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cde6bee439f3802237800a17f7a6021d0a3d2049bd0520318ca913cc49bf0b7
5d348590000bce30a2f75ac5756dceec6933488c5fd4d18fb8c8a22a4f529b1f
5fd8cb8587e7da20f2817124ee9dddeddb9ba82cf62caa1e442f14ef975ddf15
619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6433100954ba9b56fa6d06472fa1b3d58a2fde7590a8f71b8dc8f2d3731330a1
65c6da2d2307597b6deedd8f99c382229db078c0b34938cfcb83472e94a10c28
66a76158f74cf809619981d4903eb9fbc81bff8e5513c517fb9935be1ad3d148
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6daa6fdaf9ece1a298fe8cc59b2e5055dd5c284dda37c833802e3c904c5ff28b
744238ec9e2d7ec0598066ad3df2a59ae389ac540643f3e50af3b858c8d858ff
744a7d88ae11e3a820a26f940c925cfa887e679205771ceda28d29b05c4d428f
746686449d21268c342f3081d5204335bae8a95254d81a8b5df1e8a1d0c0d7ca
76f4fc3b81d99c3dd05fb08ff963fd373fd74835f9e29632a39a6e862d61b0d2
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7be3ae1af8ff759f0176c423b9f966c96d22ccfb68dbbec70a4b133ab476d472
7cf0a9c144e37ad3781e2db146716137ea5bcf077aed5a2b267ba53ecfb36b5b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
8750a21fdbda25e927372630d6cc9c3133ddd32093771f2b607f3124af8586a2
8a1fb01677c3282262ca6d8830baa5e44c44408221045121d6d8f6b8ed596c2b
8ab92de96770ce893043d04eee08f4298f07ebd5fb0d4a80b9f5d75885ade52f
8b545845a2273d287b89de2dad629d30137ceb38d1ce78fa423e6980c00b368f
8bdd2549e2df32257d86d141069f086600680d6132d18143617f0289d8926414
8c695ffb7740590277fbaf455c808660037e502860b79df59f446bca98960563
8e9a25950c9e02e6c14363a79a85f185edc44cdfda769a8d60c2c5783c98d425
90705e1fe849108785f9bdda3de8292c0eba37b6c194b0835aca706d002221b7
92eaabf4f968bc7b9318d7492c5a696e0b47ae1278e49578aa03e90555105d78
93de98c5e8303fdec0a91a9c99dde3b68f5ced6566961e6983b5d165f5b00e0f
985cf964707b4958a9e74048f3498d325fc17336875769d06e6364a27b12cd67
98df4e4ef7e62d0153ffed3d9f45d30e37855ffe31e0ab0a56642d15be6e02d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b7bd39f4b82998dda6e36a7bcbe50640c6837a5d20f95ab7caa979dbefe59fe
9c666beb06a70a86ac283bc227e791509c04bc137dd616a43b33fbeeee9b0c99
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a50324b99bb380aa7fd3352a960f51771664957c97821b9bca8925f2246d7ce9
a61f1b72366bf365c560e149ec6a7d92e12bd871fe35df06cbfe8790e1a4e7bf
a6c01d0861ec221996835e60990b89acd6cf5eecee35a94c0ee598dcd5dfdcf4
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
aca56701eb08f6439237b83d96f97bd260862c3a7b2a601f347ed618c9e28374
acbe33ef0db98bad422b28c619ecc574c82e0b2612557aa5ad7abf10d19f5e9f
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
ad4388879dc14402b2fe0f8165aa5d35774b6530ab80a265edd3291f6716674e
ad60276cb96056307cf944cdc9bcd28099a8a083666507f083a8019edbfb6cb6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b05597847ea499bf34714b9c4c5c01f6e91d19807a5125f95283d619062c0312
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1733e267fcf287d6027d972ff668cf93885f5d68c2edcb4b6e5b30d5fb66911
b1ccefca74eb3ed8bc6805a7da6667010c20b4525ec40fa8f60ba59a7f2b81e6
b6cd1b3fe078af8d025e35f02e352243b0d17bede9fbb1a861852360bc1fa30e
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8ed282fd7ad8f9c707469eba260bb602201dcb656d767ce0f5bee29701bcee6
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bcbc708657f35c221e95dc2b142ea95a0c45653489b7823f29284b18afe92785
c19e9159bffebe312b95d26434ed9fa6dea7caa07799fc5e633bfa83050e8fe1
c21225a208ff6c02d80de756d1e2be99e75f73b3db623aab6949de51c860267e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5952340bd779588ae4c96665f5b594fa15fd41dc88f09dff05f3ae898dbace1
c729ffc77a5a67ef6d9d4a430e7ef7ced27d13e8f444d275b0b53b7ff99a13d2
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
c9eb2d76ba1b18d0b0bc3e7591c1f0bbfe9380b924fd897f44cf1c5bb0c3a27f
ca98e191826a25103ba06eebf913eab32bcf74cada31a17296db096ddfa5bbb9
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce236d7a7d0230204ee76edf6741e13ec8b12e30ec62e1d10b38eb0e1fd25bad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f7cf4579da3229674588cddd1928ac11c40cb626a2b01afcbecba4b06bd783
d2bce10657147d3f6cc9320c9e5e4b5bcac4343f3d5c4167c876c5c6bff36935
d37876311c6c076f7db006a4e3e45f1743256ba237665d1d688df85199d1938c
d3bd57d74369b22cbf2366579a35afc8faa67d5a4a6a7685c721e91488338b82
d4ed98afdf07c26938026bc4321a292270ab5e88543721eb3742bdee15e7e522
d772eda3430d031bfea1576d68fceb9813226ddd63857cceeba00205014a8538
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7f96be5d99cbb96e6f81c1e855f4e1f3373dab628cee4b10fe7c1e7bde77cd7
d97b425c044c0f74127938ce35f477873b7bbbf589951732b515c95ef7c688c7
d9f1bc85419c048798af585d3617f8b6642e05df2ceeb874ec8dfc7282401498
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb65a057a44f24e1fedbaba08597667a69bce2c9fe436109dd8060219b66bb7
e167e3cdaada54c05f3e52a1f1a5f131cbb76eb228488292629adea95464b519
e1fa69a8afb7f6d1d8d76c88b4c0cc7a62b0625dcac3464308363835d066b656
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77e4ca9670e02677c8c59e68fa936f07d89e57a0f6256caf38c0338c122c13f
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebc67057d5cc3145508ce6bc4196ecaeff2f9a165e4139396e5eabf310a4f629
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4
f0d414082a9794c9db233ce21079b515dfcbe5b51083b3653c63f9b27f02741d
f1005cce8fb74bbdfebf8bef625d61ffc303a223c617560b23b427b179646869
f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a
f16a980c0662b4942bd9df8493e956c9f35711a24d8129b04239d2cc44cb0018
f39007b08180f8c6d1d70ea5794bd19e567a9604773f16eba64b8ceeb22dc774
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71f9bedfb4cefcaf5fd6f6ef6c17afc518587e885dd6f90d6a54607773058a9
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa1c992457107007e11904935f623c5afe5fda6147592b4fd6d97074337a7fb6
fba972760b3e7ab3499c4778136dce95b2be1a260067c324734fd5f9c3c1776a
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fe87c431052cc7cc10435ed06577fa7445debc3f0a57cf33529c226a61476893

dulichkhanhhoa.net Open in urlscan Pro 15.235.140.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

363 Requests

81 %HTTPS

42 %IPv6

56 Domains

70 Subdomains

40 IPs

7 Countries

5156 kBTransfer

11274 kBSize

49 Cookies

6 Outgoing links

Page URL History

Redirected requests

363 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 23 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dulichkhanhhoa.net Open in urlscan Pro
15.235.140.15 Public Scan

Screenshot
Live screenshot

Full Image

363
Requests

81 %
HTTPS

42 %
IPv6

56
Domains

70
Subdomains

40
IPs

7
Countries

5156 kB
Transfer

11274 kB
Size

49
Cookies

363 HTTP transactions
23 data transactions