sports.ngaokiemkyduyen.vn Open in urlscan Pro
2606:4700:3037::6815:2007 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sports.ngaokiemkyduyen.vn/
Submission: On January 29 via api (January 29th 2024, 5:30:22 pm UTC) from US — Scanned from US

Summary HTTP 103 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 8 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3037::6815:2007, located in United States and belongs to CLOUDFLARENET, US. The main domain is sports.ngaokiemkyduyen.vn.
TLS certificate: Issued by E1 on December 9th 2023. Valid for: 3 months.

This is the only time sports.ngaokiemkyduyen.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3037::6815:2007	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:806::2003	15169 (GOOGLE) (GOOGLE)
2 16	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
4 5	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
103	12

11 2606:4700:3037::6815:2007 (United States)

ASN13335 (CLOUDFLARENET, US)

sports.ngaokiemkyduyen.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:823::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:806::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:817::2002 (Colchester, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81d::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:821::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:81d::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:823::2004 (Colchester, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	454 KB
16	google.com 4 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	71 KB
16	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	130 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	180 KB
11	ngaokiemkyduyen.vn sports.ngaokiemkyduyen.vn	206 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	7 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
103	8

	Domain	Requested by
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	sports.ngaokiemkyduyen.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	www.gstatic.com	googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	sports.ngaokiemkyduyen.vn	sports.ngaokiemkyduyen.vn
6	fonts.googleapis.com	sports.ngaokiemkyduyen.vn googleads.g.doubleclick.net
5	www.google.com	4 redirects tpc.googlesyndication.com
4	www.googleadservices.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
103	11

This site contains links to these domains. Also see Links.

Domain
mythemeshop.com

Subject Issuer	Validity	Valid
ngaokiemkyduyen.vn E1	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://sports.ngaokiemkyduyen.vn/
Frame ID: 81F4E6A4EB0DFF04AE99886774B16B28
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 7829FF36E1FF49AE54F316F136BC646C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4972984984717662&output=html&adk=318159125&adf=2184669829&lmt=1706549417&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x540_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fsports.ngaokiemkyduyen.vn%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706549417284&bpp=10&bdt=390&idt=411&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7598274972323&frm=20&pv=2&ga_vid=1289118692.1706549418&ga_sid=1706549418&ga_hid=147100250&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080662%2C95321958%2C95320890%2C95321627%2C95322164%2C95323009&oid=2&pvsid=2524798821315875&tmod=2079378466&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=458
Frame ID: 3FB04AC4081FF52E8680D717817FB0D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F867DBCF2ADE17DB206AF76E9AC1C645
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B8459931F385C6A50F0FC790B2B60A19
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9A30BFF3E383B7C124832177570C0EFB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F40ABCFE0CB7F4934BC92B33D54C8DA4
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 57863C2B45F3D6D3C13C2783612366B4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 94FD0AA47CBA1C3FB2ABB1CD9C088201
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8847E71E40AFF44AF76C273C92FF6CBC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3A1EE8510B9353B5067C5ED3F98CAAB8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AB90193EFFB5B1FE9C196AC130E0DD92
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: CB62B39EA053FAF421C43F2C450C9F14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: F27B5EB547906C45177C47947F03653E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 1206B57A740AE56037C7DD2BD4093783
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 486327585928F9C8C415D12D14C14250
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E47386B4631FDB343720D91A95F18A09
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 469CB36189FE267DC90974783DD45FD1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sports.ngaokiemkyduyen.vn

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

103
Requests

96 %
HTTPS

91 %
IPv6

8
Domains

11
Subdomains

12
IPs

1
Countries

1308 kB
Transfer

3805 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://mythemeshop.com/themes/news/
Title: Get it Now

Search URL Search Domain Scan URL

URL: https://mythemeshop.com/
Title: MyThemeShop

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://googleads.g.doubleclick.net/pagead/adview?ai=C5Ia1qeC3ZZD9M9us2OMP78e7kAX5naLKdYGLks3BEqTn8u2VAhABIKqirS1gyYaAgNyjxBCgAeqyjcUqyAEBqAMByAPLBKoE1QFP0Ju1YB1suNfaiRiP6n1tBw_z2T_p_pai9nIV1dsUy38WMwyg2G_h9ivG8OASHZ1UPBzGaQJVP5-fNvXSm5HdyX54EexxcKz59ERa09fKaUE1idGpFVxid2-uiBhaw3wVVhxNgL4KCpJGiS4qYj_GxgJdS9RZLdSekXrEWom8WSsS1B7wHuyUgCI44lpcucqUTw6N9ouO4Lf0dpr5oUXW1DrFCKLfdo-6VfxnxWBTGZg08J-uCujCjsAQL2uw2HPlIps8MhmU2xQFNiSuKSRzR_fbGXTABN2UisTMBIgF4quGi06SBQQIBBgBkgUECAUYBIAHvZ-tpAWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCXx9QF0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOlius9z-j4OEA5oJ8QNodHRwczovL3d3dy5zbWFydGVyLmNvbS9kY2w_cT1CZXN0JTIwUHJvZHVjdCUyMEludmVudG9yeSUyME1hbmFnZW1lbnQlMjBTeXN0ZW0lMjBGb3IlMjBCdXNpbmVzcyZha2lkPWRjX3NjX3NtczFfdXNfYXl0X2Rza19pbnZtZ210Jm89MTY3NDUzMyZ0ZXJtcz1Qcm9kdWN0JTIwSW52ZW50b3J5JTIwQ29udHJvbCUyMFN5c3RlbSUyMEZvciUyMFNtYWxsJTIwQnVzaW5lc3NlcyxCdXNpbmVzcyUyMEludmVudG9yeSUyME1hbmFnZW1lbnQlMjBTeXN0ZW1zLEJlc3QlMjBQcm9kdWN0JTIwSW52ZW50b3J5JTIwQW5hbHl0aWNzJTIwQW5kJTIwQnVzaW5lc3MlMjBNYW5hZ2VtZW50JTIwRm9yJTIwQnVzaW5lc3NlcyxQcm9kdWN0JTIwSW52ZW50b3J5JTIwTWFuYWdlbWVudCUyMFN5c3RlbSUyMEZvciUyMEJ1c2luZXNzZXMmdXRtX3NvdXJjZT1nYSZ1dG1fY2FtcGFpZ249ZGNfc2Nfc21zMV91c19heXRfZHNrX2ludm1nbXQmdXRtX3Rlcm09c3BvcnRzLm5nYW9raWVta3lkdXllbi52boAKAcgLAaIMCCoGCgSsurEC2gwRCgsQgNjZweGb4fCLARICAQPYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNDk3Mjk4NDk4NDcxNzY2MhgA&sigh=SvBn7OkqhPg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_CBNWHb6Ajwl6XbGCnuWhfFQtPcyjYxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd8e2fd00b65cf8df0000000000000000%22,%222%22:%220xeb91b1871035e1e90000000000000000%22,%223%22:%220x57aa479422e824600000000000000000%22,%224%22:%220x4c5b54129103eb290000000000000000%22,%225%22:%220x523a7944e55da5d90000000000000000%22},%22debug_key%22:%2216199377681968230648%22,%22debug_reporting%22:true,%22destination%22:%22https://smarter.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211419212138%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225378440561754277041%22}&andc=true

Request Chain 83

https://googleads.g.doubleclick.net/pagead/adview?ai=C5YTvqeC3ZY_9M9us2OMP78e7kAXtiZnLdZ-L_-ChEcrVrJizEBABIKqirS1gyYaAgNyjxBCgAbbpnMMpyAEBqAMByAPLBKoE1QFP0Ckyhsca1xLnh_8QxR0WcCJysp0WPNsdEhsN-LQCMKjDpLUxq37_zUZ8kYxYXd4un5jqnuY69cAHMqqiRjfRCcOeJsvqtLjKsNPesWjq8nuO7Th6kvjCERRtgfNuIjTxCzkgP5BomxNMIzE2tpVst8Y8PBGj9Osabuy15GuYk7qdh0RRhRw4vs5KLd-y64b0dJILMcA378_QqCDkIdTiouq_Ze-pTOAd9vOUDfAzTHRt7yazQ33tLpGA1NNWVWE4erPExKjqPIYUzZKIiW5xL1qnGUnABJCMn8_EBIgF7OfM-0qSBQQIBBgBkgUECAUYBIAHtqHtogSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCx790H0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOlius9z-j4OEA5oJmAFodHRwczovL3VzLnNob2Zhc3QuY29tL2Rzcj9xPWFmZm9yZGFibGUlMjBidXNpbmVzcyUyMGluc3VyYW5jZSZhc2lkPXptd19jaDExMzUmZGU9YyZzY2xpZD0wLTI0MTE0JmdjbGlkPXtDTElDS19JRH0mcmFjPWFmZm9yZGFibGUlMjBidXNpbmVzcyUyMGluc3VyYW5jZYAKAcgLAaIMCCoGCgSsurEC2gwQCgoQ0NOMh7r7rogkEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi00OTcyOTg0OTg0NzE3NjYyGAA&sigh=um49O75Peyg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_CBNWHb6Ajwl6XbGCnuWhfFQtPcyjYxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17343558d53e50ed0000000000000000%22,%222%22:%220xe91b286af1ffc9ca0000000000000000%22,%223%22:%220x1d8a9067426792980000000000000000%22,%224%22:%220xbef8917fb1328250000000000000000%22,%225%22:%220x3db95f5692cbd4010000000000000000%22},%22debug_key%22:%227231041217166821000%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211146835126%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223231547092893835777%22}&andc=true

103 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sports.ngaokiemkyduyen.vn/ 31 KB
7 KB 2711ms
113ms Document
text/html 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f5737baad9b595c7f2d514fbae2eb92616bc65e4aaaab948eaff8049df5432

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84d333befda767e0-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 17:30:16 GMT
link: <http://sports.ngaokiemkyduyen.vn/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZxS7UHPbNRXx9sa0IVqoSEVEgQe9rgcGMQ2bVqcElDbw6E9sNzXIRW5mfwbq4rmb0P7sXIjperJPYE3X7xQzotyzCTjJWQd%2F2RE%2BUNXsrX2U5xsCI0fOCLhz23GeEtTaKal3Bpak4Youu%2FnyWZMzlQpIsT%2FmFBX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 245ms
101ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4972984984717662

Requested by

Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

add398fda6c0c4fcc060df9b1b14db02d156899d8e4276b3f55c3a2915149c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Origin: https://sports.ngaokiemkyduyen.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51151
x-xss-protection: 0
server: cafe
etag: 16545248216246265629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 29 Jan 2024 17:30:17 GMT

GET
H2 200 style.min.css
sports.ngaokiemkyduyen.vn/wp-includes/css/dist/block-library/ 107 KB
15 KB 152ms
145ms Stylesheet
text/css 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:58:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-65b3c880-12f4ac4;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INnBJEa2bDhlMCHMwpKKLS%2B%2FW%2FL%2FVFymCLZIdXzQs1lEDmx8DhwQ0h%2FAHya12S59c4buX5UxxbAoJGE4TCQY7ct7TZTpwqB82KYRoMQu92UwP8tCfGZSChf7wle7SJmk0o4wT7euWifgLTw9ZPnVZR6wjPbrl%2F7a"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84d333bfcee667e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 17:30:16 GMT

GET
H2 200 style.css
sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/ 58 KB
13 KB 122ms
116ms Stylesheet
text/css 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/style.css
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e47a609632060c1ff669dc514741cc0e97bb38660bc76aaa303d241413f9471d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Jan 2024 13:43:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e866-65b65a0a-1374a74;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aD7B56Jt4WBugu0HbK%2B2XnyNRpHCN5tQql8%2BI6M6bPXGki2qEv62n5EznBCuDMlscGlqFFepQKiFltIWCUNmbayhECGvlQbmCPHWSD%2BiIU70rhI%2BlMrsnHZ9q1ZO4EzJ3H1nG5tXDZMXKrmPbAMuh7oU%2Bj6VIpAx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84d333bfcee967e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 17:30:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
834 B 225ms
81ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla%3A700%2C400%7Ckarla%3A400&subset=latin

Requested by

Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94811670b426be8a71aa9f5d4e1e2b459c8806f638bfe70e56e0610df22336d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 16:46:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:17 GMT

GET
H2 200 font-awesome.min.css
sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/css/ 30 KB
7 KB 133ms
127ms Stylesheet
text/css 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/css/font-awesome.min.css
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a786f354eff6e5c74290888da449fc605b0499d4358bf85cc08e21ac744e8ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Jan 2024 13:43:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"78d4-65b65a09-137442d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mkKXJxuK9s5xkehtPia609qdbnNpM9y%2BvDb0gPcRSF9hY%2BRqQxBnImI2Ma9ogoxEIvfNS%2FeyGtin8M10u43Ry1NkrDu61ONmIe%2FN0M27Wb%2FriL5yai9ELmjDvoQgLJCwvH92zVvGh%2BzEw8hje8pd1qHVmFa1Sd%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84d333bfceeb67e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 17:30:16 GMT

GET
H2 200 news-responsive.css
sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/css/ 18 KB
4 KB 117ms
111ms Stylesheet
text/css 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/css/news-responsive.css
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac86409719030cfd727f4150b3596e609f7aab7b1539ae05a49d150d1c42ec42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Jan 2024 13:43:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"466d-65b65a09-137442f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j03iNv1q1CLlLT6KkKqPmoREncLGKWwFspDeQo094UfiP03jddHpvgkYbFQ2CTjMlBX2VBYPwJV3ZK%2FSq5mMsR1772PYqMaQf7qQWcUpMiZ2IY2094qdX9k7IyIBauh2wLXuFXQdBQrPtK1ZHMYvDLmn35%2Fkjn%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84d333bfceec67e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 17:30:16 GMT

GET
H2 200 news-global.css
sports.ngaokiemkyduyen.vn/wp-content/uploads/news-styles/ 17 KB
4 KB 120ms
115ms Stylesheet
text/css 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-content/uploads/news-styles/news-global.css?timestamp=1706449766&ver=1.0.10
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f31ca6e6b19cee07c15840fce412805fd6772532b43523180699866dde2522c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Jan 2024 13:49:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"44fa-65b65b66-1374be0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zULtAqA3j0edB3lRZACa0%2FgphocYXGBL1jUTKu10h9s4ibqToHcZttH4OX7c2Hey8vpBLh0WTTTBlwXgteC5hgHHXPZlMiaxaqBuxFozMUonliCBq%2B5NtCzHVVkLW4JvD6AAhKAx%2FZ2Z%2Bm3awxcqB0tn3bJLxQsc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84d333bfceee67e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 17:30:16 GMT

GET
H2 200 jquery.min.js Show response
sports.ngaokiemkyduyen.vn/wp-includes/js/jquery/ 86 KB
31 KB 166ms
161ms Script
application/x-javascript 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-includes/js/jquery/jquery.min.js
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:58:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-65b3c880-12f5069;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=341J09E4B05zOnIsT1n%2Fxzr59IwGGIyCOd3M0Gon52gFfZ6pBVBByIWdqAmlOCZhoizXWRVfc%2BlF543uACeHaH%2Fje9pf7pvSpSsRKgboHZ2wi9Kpec1gSjf4FPaPW6%2BsvegueY3Peq%2BVHsE2215EMxq%2BeYXv0sPG"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84d333bfcef067e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 17:30:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
sports.ngaokiemkyduyen.vn/wp-includes/js/jquery/ 13 KB
5 KB 122ms
119ms Script
application/x-javascript 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:58:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-65b3c880-12f505f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTcsCdcTYBRrQEHhrVYqjQ8IwH2BNugOWlUVWiQP0OhYq4W94YU4Inzob0aDo64oxL3MqIOx2UEh7WiA9oH4bencAfpWxanymtgdEfUzKZ5afRLnTuQX7gany5YaZ3XC%2BuqDvgsK8kDdT1vxGvuokfVWY3ov109f"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84d333bfcef167e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 17:30:16 GMT

GET
H3 200 best-mirrorless-camera-for-video.jpg
sports.ngaokiemkyduyen.vn/wp-content/uploads/2024/01/ 39 KB
40 KB 167ms
164ms Image
image/jpeg 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sports.ngaokiemkyduyen.vn/wp-content/uploads/2024/01/best-mirrorless-camera-for-video.jpg
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322eb12887382d4a1e6ab19cc2ec908322ce02c1471de8e280ac85f813f40d51

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
cf-cache-status: MISS
last-modified: Sat, 27 Jan 2024 06:48:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9d5c-65b4a73b-12fd09e;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LruVRgUFdg23kDwPQ4dynPoTW07s6rZFLYYI%2Brq73zowhS2PME3Pl0xkt%2F7PK5jS1lCE5OmhHkOu1w6BQ4HnmZAX4OP0sn7z%2BH2XpLarNctqqK6QLtNPQfucvYM2fhfHwt%2B%2FEdF145YE9CDV6KbgAxIdO%2Fu0DaT7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84d333c13d8c4c12-MIA
alt-svc: h3=":443"; ma=86400
content-length: 40284
expires: Mon, 05 Feb 2024 17:30:17 GMT

GET
H2 200 news-customscripts.js Show response
sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/js/ 9 KB
3 KB 117ms
114ms Script
application/x-javascript 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/js/news-customscripts.js
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9417db46129124b0513d79f2edb995ce3fcd7631994ad73946802096f81cd819

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Jan 2024 13:43:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"225b-65b65a0a-1374a35;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzDTBGhDIKNi2P0Dm%2FgNww5jVjddo2NdhHPTH1NuH9WVaqccJyExQnb5pVNRpcuZaXTCPEl%2BY8eo8O1Oe%2FaL%2FBTUMxY%2FSeciXU0mUitDWY2M0WDTT6Rpussv1FnB3A9WO1Sv%2BOanF7jG6%2BpI6mHhav%2F6Rhk3CaV2"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84d333bfcef267e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 17:30:16 GMT

GET
BLOB 200
OK 97c42079-043b-40c0-b4bd-65f47dd140f3
https://sports.ngaokiemkyduyen.vn/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sports.ngaokiemkyduyen.vn/97c42079-043b-40c0-b4bd-65f47dd140f3
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET wp-emoji-release.min.js
sports.ngaokiemkyduyen.vn/wp-includes/js/ 0
0

GET
H2 200 qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v31/ 24 KB
24 KB 217ms
63ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A700%2C400%7Ckarla%3A400&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sports.ngaokiemkyduyen.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:02:52 GMT
x-content-type-options: nosniff
age: 300445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24364
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:41:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:02:52 GMT

GET
H3 200 fontawesome-webfont.woff2
sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/fonts/ 75 KB
76 KB 206ms
205ms Font
font/woff2 2606:4700:3037::6815:2007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/fonts/fontawesome-webfont.woff2
Requested by: Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/wp-content/themes/mts_news/css/font-awesome.min.css
Origin: https://sports.ngaokiemkyduyen.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
cf-cache-status: MISS
last-modified: Sun, 28 Jan 2024 13:43:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12d68-65b65a09-1374437;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4DO7ILZD0iONj9VtxL7MM7h6dd5TyLybxNL1%2BZpRK1PX%2FSGS2k4%2BLG0S%2FhgYNfhp6Ag0JlRz0J1XoYR2dDV%2BX3YFgZS16%2FCsx0Oe3tLNGJX7BVkTERZG0k95s6JfXfqzNaKvjPBdfis78tZj4d2f2k1aiyG33GJ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84d333c16dc54c12-MIA
alt-svc: h3=":443"; ma=86400
content-length: 77160
expires: Mon, 05 Feb 2024 17:30:17 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 405 KB
137 KB 245ms
112ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4972984984717662

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b9844cf427627161da169bde0509eb3b4f3e411db2fbd4714e539ca1f06f366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140708
x-xss-protection: 0
server: cafe
etag: 10135623823745705865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 7829 9 KB
5 KB 312ms
67ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4972984984717662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 33423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 08:13:14 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 08:13:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FB0 660 KB
108 KB 1077ms
1065ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4972984984717662&output=html&adk=318159125&adf=2184669829&lmt=1706549417&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x540_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fsports.ngaokiemkyduyen.vn%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706549417284&bpp=10&bdt=390&idt=411&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7598274972323&frm=20&pv=2&ga_vid=1289118692.1706549418&ga_sid=1706549418&ga_hid=147100250&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080662%2C95321958%2C95320890%2C95321627%2C95322164%2C95323009&oid=2&pvsid=2524798821315875&tmod=2079378466&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=458

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82b89658e216d78d0820afd3b0f51ae7b2f472d1b7d8abd61ac9deb784c825fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 110251
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:18 GMT
expires: Mon, 29 Jan 2024 17:30:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 165 KB
56 KB 125ms
124ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js?bust=31080662

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c8b85d6173b4df338acd3dfdda4162e0fc9d3c340c22f1ef48591aa8f532712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56990
x-xss-protection: 0
server: cafe
etag: 12254244342828154785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 ca-pub-4972984984717662 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 234ms
99ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4972984984717662?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7863c2ea96f11d90a3d8fb941d54ff51d2fa9e222448afaa6ccf7de7aeb1e17

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3SEhe8KUYKoPTfTDhrDUZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3SEhe8KUYKoPTfTDhrDUZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRALcXOsPnh_LZtAw5ujUQBY7Fxw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame F867 9 KB
4 KB 65ms
64ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:29:52 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 01:29:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame B845 9 KB
4 KB 69ms
69ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:29:52 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 01:29:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 9A30 9 KB
4 KB 71ms
70ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:29:52 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 01:29:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame F40A 9 KB
4 KB 73ms
73ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:29:52 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 01:29:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVbPiQhdbfu1-qWdSMznTreyaES4oNzQT-sEZ2l-J7GG74Ge9NPmLRdrn5cEN3A-KU7hKYrwrHQ0LVOfkSjl7xCCftA1d4WRgu3_Nv_BWftQ9j0KcCdve8hFppqfchph1R_7Sebhg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 96ms
95ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVbPiQhdbfu1-qWdSMznTreyaES4oNzQT-sEZ2l-J7GG74Ge9NPmLRdrn5cEN3A-KU7hKYrwrHQ0LVOfkSjl7xCCftA1d4WRgu3_Nv_BWftQ9j0KcCdve8hFppqfchph1R_7Sebhg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NTQ5NDE5LDQxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zcG9ydHMubmdhb2tpZW1reWR1eWVuLnZuLyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8d25a0245e0d58fcd45ece08fb8cd4287eccf157eec0893047346b9e2c0b878

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jf_zaieuLT0l8cZd92NIGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-Jf_zaieuLT0l8cZd92NIGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRAL8XCsPnh_LZvAjM0PHzICAK0uXOk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame F867 4 KB
767 B 82ms
71ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:53:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F867 205 B
519 B 327ms
171ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:01:37 GMT
x-content-type-options: nosniff
age: 300522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Jan 2025 06:01:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F867 604 B
696 B 347ms
191ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 03:01:50 GMT
x-content-type-options: nosniff
age: 138509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 27 Jan 2025 03:01:50 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame F867 16 KB
7 KB 216ms
61ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 06:02:26 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame F867 22 KB
9 KB 220ms
67ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 05:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 05:53:28 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame B845 9 KB
4 KB 177ms
64ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 02:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 02:16:03 GMT

GET
H2 200 f302f59ac1f3b0a5d58680c751f9ce03.js Show response
www.gstatic.com/mysidia/ Frame B845 11 KB
5 KB 267ms
155ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f302f59ac1f3b0a5d58680c751f9ce03.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49342ebbe80604cf9644cc86d470c9295184f99e0ea5640c59b088b465ee41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4919
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:10:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B845 14 KB
1 KB 81ms
78ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:39:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B845 2 KB
857 B 294ms
183ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame B845 23 KB
9 KB 294ms
184ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B845 3 KB
1 KB 292ms
182ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B845 20 KB
8 KB 248ms
138ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B845 205 KB
65 KB 235ms
90ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame B845 37 KB
15 KB 281ms
172ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:10:19 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 9A30 9 KB
4 KB 178ms
71ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 02:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 02:16:03 GMT

GET
H2 200 f302f59ac1f3b0a5d58680c751f9ce03.js Show response
www.gstatic.com/mysidia/ Frame 9A30 11 KB
5 KB 272ms
165ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f302f59ac1f3b0a5d58680c751f9ce03.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49342ebbe80604cf9644cc86d470c9295184f99e0ea5640c59b088b465ee41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4919
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:10:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9A30 14 KB
1 KB 88ms
86ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:41:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9A30 2 KB
857 B 303ms
198ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 9A30 23 KB
9 KB 295ms
190ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9A30 3 KB
1 KB 286ms
181ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9A30 20 KB
8 KB 183ms
78ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A30 205 KB
65 KB 392ms
253ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 9A30 37 KB
15 KB 238ms
135ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:10:19 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame F40A 9 KB
4 KB 164ms
66ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 02:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 02:16:03 GMT

GET
H2 200 f302f59ac1f3b0a5d58680c751f9ce03.js Show response
www.gstatic.com/mysidia/ Frame F40A 11 KB
5 KB 258ms
160ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f302f59ac1f3b0a5d58680c751f9ce03.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49342ebbe80604cf9644cc86d470c9295184f99e0ea5640c59b088b465ee41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4919
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:10:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F40A 14 KB
1 KB 87ms
83ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 16:25:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F40A 2 KB
857 B 270ms
173ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame F40A 23 KB
9 KB 255ms
159ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F40A 3 KB
1 KB 270ms
174ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F40A 20 KB
8 KB 221ms
125ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F40A 205 KB
65 KB 359ms
229ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame F40A 37 KB
15 KB 171ms
77ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:10:19 GMT

GET
H2 200 AGSKWxVw35O2VOAJ4i-P1p6D0S0R0Ig4SQGdKzkcl0IDB48U00Z5ao7OD3qPdBqpUUSI7cYYqMrB3_knvnS7lZ5nXglNvIuuDjpanXq7uxhrIHNzn7cM_sZXEx19QZI1g2KHrfazddmRJA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 97ms
96ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVw35O2VOAJ4i-P1p6D0S0R0Ig4SQGdKzkcl0IDB48U00Z5ao7OD3qPdBqpUUSI7cYYqMrB3_knvnS7lZ5nXglNvIuuDjpanXq7uxhrIHNzn7cM_sZXEx19QZI1g2KHrfazddmRJA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NTQ5NDE5LDUyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc3BvcnRzLm5nYW9raWVta3lkdXllbi52bi8iLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

702bb82879fc71121378ccfc7e38d830954c263b503dfbfc7692a104ee9132ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--ewfuVDzRxYRLaVEYQDzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--ewfuVDzRxYRLaVEYQDzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRAL8XCsPnh_LZtAw7fbU5gAvCNc1A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5786 14 KB
1 KB 79ms
79ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 17:17:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5786 2 KB
876 B 218ms
172ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 5786 23 KB
9 KB 245ms
201ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 94FD 143 B
166 B 66ms
64ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:51:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5786 3 KB
1 KB 242ms
200ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5786 20 KB
8 KB 190ms
148ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:53:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5786 205 KB
65 KB 278ms
201ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:19 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 5786 37 KB
15 KB 233ms
192ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:10:19 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 94FD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

83ms
82ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:19 GMT
expires: Mon, 29 Jan 2024 17:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8847 143 B
166 B 64ms
64ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:51:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3A1E 143 B
166 B 64ms
63ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:51:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB90 143 B
166 B 64ms
63ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:51:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F40A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 457731f3452dae7ca1ab45fafdaf6fa7f7e4087c978550ffc33fde0edfe2726f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8847
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

94ms
93ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:20 GMT
expires: Mon, 29 Jan 2024 17:30:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame CB62 51 KB
19 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:16:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3A1E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

95ms
95ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:20 GMT
expires: Mon, 29 Jan 2024 17:30:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB90
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

84ms
83ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:20 GMT
expires: Mon, 29 Jan 2024 17:30:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame F27B 51 KB
19 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: sports.ngaokiemkyduyen.vn
URL: https://sports.ngaokiemkyduyen.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:16:30 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F40A 33 KB
33 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:24:54 GMT
x-content-type-options: nosniff
age: 342326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 18:24:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F40A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5Ia1qeC3ZZD9M9us2OMP78e7kAX5naLKdYGLks3BEqTn8u2VAhABIKqirS1gyYaAgNyjxBCgAeqyjcUqyAEBqAMByAPLBKoE1QFP0Ju1YB1suNfaiRiP6n1tBw_z2T_p_pai9nIV1dsUy38...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd8e2fd00b65cf8df0000000000000000%22,%222%22:%220xeb91b1871035e1e90000000000000000%22,%223%22:%220x57aa47...

0
0

270ms
132ms

Fetch
text/css

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd8e2fd00b65cf8df0000000000000000%22,%222%22:%220xeb91b1871035e1e90000000000000000%22,%223%22:%220x57aa479422e824600000000000000000%22,%224%22:%220x4c5b54129103eb290000000000000000%22,%225%22:%220x523a7944e55da5d90000000000000000%22},%22debug_key%22:%2216199377681968230648%22,%22debug_reporting%22:true,%22destination%22:%22https://smarter.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211419212138%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225378440561754277041%22}&andc=true

Protocol

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd8e2fd00b65cf8df0000000000000000","2":"0xeb91b1871035e1e90000000000000000","3":"0x57aa479422e824600000000000000000","4":"0x4c5b54129103eb290000000000000000","5":"0x523a7944e55da5d90000000000000000"},"debug_key":"16199377681968230648","debug_reporting":true,"destination":"https://smarter.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11419212138"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"5378440561754277041"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 17:30:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 17:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd8e2fd00b65cf8df0000000000000000","2":"0xeb91b1871035e1e90000000000000000","3":"0x57aa479422e824600000000000000000","4":"0x4c5b54129103eb290000000000000000","5":"0x523a7944e55da5d90000000000000000"},"debug_key":"16199377681968230648","debug_reporting":true,"destination":"https://smarter.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11419212138"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"5378440561754277041"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9A30 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1da962c8d12ad90820258598039efafc2e42705cc4497bd86f83f00925292ac4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9A30 33 KB
33 KB 64ms
64ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:24:54 GMT
x-content-type-options: nosniff
age: 342326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 18:24:54 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 98ms
97ms XHR
application/json 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5636508592e629aca20ca0f200f1e7279a9fe148b136e13e3400880cdec7aaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12225
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1206 51 KB
19 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:16:30 GMT

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4863 51 KB
19 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:16:30 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9A30
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5YTvqeC3ZY_9M9us2OMP78e7kAXtiZnLdZ-L_-ChEcrVrJizEBABIKqirS1gyYaAgNyjxBCgAbbpnMMpyAEBqAMByAPLBKoE1QFP0Ckyhsca1xLnh_8QxR0WcCJysp0WPNsdEhsN-LQCMKj...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17343558d53e50ed0000000000000000%22,%222%22:%220xe91b286af1ffc9ca0000000000000000%22,%223%22:%220x1d8a90...

0
0

272ms
133ms

Fetch
text/css

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17343558d53e50ed0000000000000000%22,%222%22:%220xe91b286af1ffc9ca0000000000000000%22,%223%22:%220x1d8a9067426792980000000000000000%22,%224%22:%220xbef8917fb1328250000000000000000%22,%225%22:%220x3db95f5692cbd4010000000000000000%22},%22debug_key%22:%227231041217166821000%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211146835126%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223231547092893835777%22}&andc=true

Protocol

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x17343558d53e50ed0000000000000000","2":"0xe91b286af1ffc9ca0000000000000000","3":"0x1d8a9067426792980000000000000000","4":"0xbef8917fb1328250000000000000000","5":"0x3db95f5692cbd4010000000000000000"},"debug_key":"7231041217166821000","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11146835126"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"3231547092893835777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 17:30:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 17:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x17343558d53e50ed0000000000000000","2":"0xe91b286af1ffc9ca0000000000000000","3":"0x1d8a9067426792980000000000000000","4":"0xbef8917fb1328250000000000000000","5":"0x3db95f5692cbd4010000000000000000"},"debug_key":"7231041217166821000","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11146835126"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"3231547092893835777"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 -online-advert. Show response
fundingchoicesmessages.google.com/f/AGSKWxXCD26U7fpVG5NqhfSbJA4WyNDeufy2416CmE4B9JvkWXlQdnsWlgRYdbRlnezVnc11vRvtUipWy-eXCTfJXrsILB1L3CWWGHIj3RskRA7I_tnh8qj6RGP1BftMTWxEHyrBuZTVKpqK74K-xSpvYpAiimL9Z... 54 B
110 B 89ms
88ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXCD26U7fpVG5NqhfSbJA4WyNDeufy2416CmE4B9JvkWXlQdnsWlgRYdbRlnezVnc11vRvtUipWy-eXCTfJXrsILB1L3CWWGHIj3RskRA7I_tnh8qj6RGP1BftMTWxEHyrBuZTVKpqK74K-xSpvYpAiimL9Z-nT82sAOwOP_u-V_zfmD7BAnIoiAOgC/_/jstextad._ad234x90-/adblockDetector._mar_ad/-online-advert.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxPEIo90jKXuFkWlMpFtfc2vWS8gA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10ee88ac432512a86a7421c7f39406634a88c71a3dda1edd50cdf334e9cfcebd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NTLBSnhlk0FAJsGVmt8Uug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NTLBSnhlk0FAJsGVmt8Uug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRAL8XCsOXh_LZvAjZe3rzECALNXXVQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 63ms
62ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 18:13:53 GMT

POST
H3 204 AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 214ms
86ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eKJCbvuWtCGXo19SJ59QfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eKJCbvuWtCGXo19SJ59QfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY83B-2vZBD5suD2ZCQDuciDc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sports.ngaokiemkyduyen.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 91ms
88ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 17:30:20 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 273ms
130ms Preflight
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 17:30:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 272ms
129ms Preflight
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 17:30:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 88ms
88ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nKNbeb6kHytPUgI8jW26jQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nKNbeb6kHytPUgI8jW26jQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY83B-2vZBF6sP7SUCQDsSyDG"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sports.ngaokiemkyduyen.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 91ms
91ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mWCvUBqg21hcdpeQqbH36Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mWCvUBqg21hcdpeQqbH36Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY83B-2vZBHac71rBBADrOSCB"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sports.ngaokiemkyduyen.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 91ms
90ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k9kXCnzppJoT9a7YHcxbrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k9kXCnzppJoT9a7YHcxbrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY83B-2vZBCacnbWSCQDuQyB0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sports.ngaokiemkyduyen.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVXAID1MjwMXTeinBVhc_mArf7n1jCHcoA5bgI4rZ4UQNNsZq8i-BsxqgoDej9t5rLHIAhdoSHZ6N5zANraNM9g-mUfAoObnWGWnFbY0zn25kG-YbbnFvNta8syFSIJG-eMrNjhWg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 105ms
105ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVXAID1MjwMXTeinBVhc_mArf7n1jCHcoA5bgI4rZ4UQNNsZq8i-BsxqgoDej9t5rLHIAhdoSHZ6N5zANraNM9g-mUfAoObnWGWnFbY0zn25kG-YbbnFvNta8syFSIJG-eMrNjhWg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NTQ5NDIwLDU3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zcG9ydHMubmdhb2tpZW1reWR1eWVuLnZuLyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9c45acb80dc948d241db7271ebc55622b996b2d9cdc9cb3a1d305dd8ef6dc07

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oSfjcn2F-mVIsgSyYV4_rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-oSfjcn2F-mVIsgSyYV4_rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRAL8XCsOXh_LZvAjcm7NjABALgBXMA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E473 13 KB
5 KB 67ms
64ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 277677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 12:22:23 GMT
expires: Sat, 25 Jan 2025 12:22:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 469C 829 B
562 B 85ms
84ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

03caff525d19358b747fa9af509ba4dde25bf53468f1268ec58ec78a509993a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CPzzWDM09JTpoOUZxqxNeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CPzzWDM09JTpoOUZxqxNeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:20 GMT
expires: Mon, 29 Jan 2024 17:30:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame E473 39 KB
15 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:50:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 301161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 05:50:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 469C 0
0 95ms
94ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2524798821315875&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 204 AGSKWxX4_Qbj6w0PD-SOwpRCszu2hxX1PBvoyGXIKFAa9YCkX4IXzNmdmwtvhVVuO7csDqUpslVeL_BEv0W4dRMSIAwHCOGIVTvrKCeqWzzPpKKiJ8LAa4pwFi50-eClipyRGxkBxhE5XQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 90ms
89ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX4_Qbj6w0PD-SOwpRCszu2hxX1PBvoyGXIKFAa9YCkX4IXzNmdmwtvhVVuO7csDqUpslVeL_BEv0W4dRMSIAwHCOGIVTvrKCeqWzzPpKKiJ8LAa4pwFi50-eClipyRGxkBxhE5XQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1hIEkWkjsFWaV6OM3bAbkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1hIEkWkjsFWaV6OM3bAbkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY83B-2vZBG5cWfOUCQDwdSER"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sports.ngaokiemkyduyen.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 88ms
88ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVw9sozYvzNGwmTe0s-Av37vaNWbgFLyBcOdckaeHq2kch9Yr4HTiHVSPeNYovO9eIdchepI5t3MimrKuoXlsLoK1vEGma7CHnXpspGbaH4I05XdBvcdFW787XjkFmMD4dQgsxjKQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-beRML2cA7UD8N9XG9H4rKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sports.ngaokiemkyduyen.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-beRML2cA7UD8N9XG9H4rKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY83B-2vZBDpm7HvCBADtjSCU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sports.ngaokiemkyduyen.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E473 0
10 B 67ms
66ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?O7Z2cw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F40A 42 B
64 B 134ms
133ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5dq1x0geKYTQwygawNguhWZG4IOOWNhYLchyBhfn_MSPsJCwoQM_GuDHmcjyhIZ6xfRKvD3qzWYWvHSk6oZ4yVFbD8mf-Xqf_XFakOk2aAb2eM8eYpNtllPFALr8ruvo1w1VnodkTk66Tw5s6q21E_TFM&sai=AMfl-YQRIDeZzZc_F03DM5XCNGbxnlyTlexULTvLtWoGjX9ZZ1zg9Ju8spAiB1uobAr7Hp3Vzx5MJ_ZUNWa7&sig=Cg0ArKJSzDA088swTKBaEAE&cid=CAQSGwAvHhf_CBNWHb6Ajwl6XbGCnuWhfFQtPcyjYxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=648,1000,1000,1000,1000&tos=648,352,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=318159121&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654942000&rst=1706549419398&rpt=873&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A30 42 B
64 B 135ms
135ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1FBdetPGG832ubeHEp4vNKgfMBCZyX_MjQStcAfFWlDG6gHWp0xLsnTViSBVnvKQJ2asw-ozGh_q6SsF4722lxFRZo9yFvxJAAJgg7mTFwlINqcQoqPp9_1mTK8uVr_XlBM-HxiYdqLz4pFlyYXrM6L3f&sai=AMfl-YRAtCD50WbgfnV6uGXeT28cGAKtTBEzjNHL9RyXcDHSnGQ6JnNVrLUYxR1Hy74ZchoGOX_fvcuIbaH3&sig=Cg0ArKJSzGafhJdw6JRWEAE&cid=CAQSGwAvHhf_CBNWHb6Ajwl6XbGCnuWhfFQtPcyjYxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=318159124&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654942000&rst=1706549419396&rpt=894&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
96ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2524798821315875&bg=!ZmWlZSrNAAa8BdJLnAU7ADQBe5WfOPfnSY7CuKnksz9QKFurN9R207h2CPDSIEWPVyMPjQUEmMNpSnBwYPAM-w0CpAQ9AgAAAPFSAAAACmgBBwoAK2gGVq2PwhbykF3ARKGt18U_s7uHH3rq14FJ-sTBadXVP8i0WHYiW9JglX-ZAsFR365CYAziqxwXklB3cOoxflMhR7jkrCRkH734N5gnSke6WrOMiIYT6vBLngyAp9jM3WHzbpdJgqJv-ULxSDJXXNVnA-bRvWKukdoKlzhO4HxasZ8fZFGko-FG2OCB6EpeCmUObBgt4jcwGStYYo_iAu3CY-2Yz9WY7P2WQf0td9SRAZs8EpBpjSp8nzSsXH0hpzz0gDzmBvw_H5SZajVj_UEG4j34FW7OITUcsIBJAVBJ8t-aGTobaHpiwnz5qa52i1tc4GnmwS_FC9VcxJEhJtabjUStp8ky3Gxs7S7xpZ6lJVYYC055826UTBuBOESXG6GoGp6DIb_uZT8YxyztelTHjEcfS43NCV6yw_w9U_bqtBFj0Wou9l64_HaCtSG8L7roQ8v5-VCe3SIaN_q8hGt47c_5vnZ2yXfJnavuQCxMmLPMXO9qQ9AtJ73WjEOmu3WPbp7cmrMikueHYmMAQoj371nWkHibEfl61S6AI-i_7KgYnvH4MXqPFPP73072PxviEqpHRPQyhnHU6z9Mp9b0wFMvSiPgilqGwHbM8ap05e3acv4kxYIBUhYS-Nw71PgBKfXeuqz2Yo6478K1Bn3w_xV2wYTC028S1MNbbypvdPup1pf67oGqk5WFkMyROo9dBOA7IchD5BKBYP1rOn6ohipLtP4GrOHgZ5dF-78tDg9PQ20mfAXlhUnRjO0c69ySvmWVFfFfpkkpmceq9Pt-zv7p1FaqEh-5tBBX9Lsi55qIiWyoZNpkooBlCj-xaFcyogFa0BcQxgaTL15v-BeA7nkgpbzFnFP8QfRSG3ZRzG5EPqzoZdtxzMlC9pJip019rd4QeCMlYWbujs5ZJps7rJvIWpXAcdwdaJuFmfPwualkbuNIME4E3cP_Jv74GkzoJpbrKTEmwxbHNpYU0dXukgQt_aPUISJG_L-XRyk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sports.ngaokiemkyduyen.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sports.ngaokiemkyduyen.vn
URL: http://sports.ngaokiemkyduyen.vn/wp-includes/js/wp-emoji-release.min.js

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 18:02:33	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:38:29	Name: IDE Value: AHWqTUlF-a5-JxqIKpqY07E-knw4LWWX22avSDmPx-2-jLyWlA0lwvK86Jeu6kINirY
.ngaokiemkyduyen.vn/	1970-01-21 02:48:05	Name: FCNEC Value: %5B%5B%22AKsRol8Rpphz-4nAp7MTV9v_ZgT-YsbNJE3fMm4Uu5Bv4mo60ez5IpeAvX8rseJLPFsyIZTAdfIVLV-19hIBhbeaDvPzMsDJd97SI2j2sbqe9vB4xWf9kgTkDHN9k8ArUmjqf2sHfq1nAO-KSS4mzfEgxMYq4TduBg%3D%3D%22%5D%5D
.googleadservices.com/	1970-01-20 20:12:05	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sports.ngaokiemkyduyen.vn/(Line 21) Message: Mixed Content: The page at 'https://sports.ngaokiemkyduyen.vn/' was loaded over HTTPS, but requested an insecure script 'http://sports.ngaokiemkyduyen.vn/wp-includes/js/wp-emoji-release.min.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
sports.ngaokiemkyduyen.vn
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
sports.ngaokiemkyduyen.vn
142.250.80.66
2606:4700:3037::6815:2007
2607:f8b0:4006:806::2003
2607:f8b0:4006:80c::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::200e
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2004
2607:f8b0:4006:823::200a
03caff525d19358b747fa9af509ba4dde25bf53468f1268ec58ec78a509993a7
10ee88ac432512a86a7421c7f39406634a88c71a3dda1edd50cdf334e9cfcebd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1da962c8d12ad90820258598039efafc2e42705cc4497bd86f83f00925292ac4
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c8b85d6173b4df338acd3dfdda4162e0fc9d3c340c22f1ef48591aa8f532712
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322eb12887382d4a1e6ab19cc2ec908322ce02c1471de8e280ac85f813f40d51
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41f5737baad9b595c7f2d514fbae2eb92616bc65e4aaaab948eaff8049df5432
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457731f3452dae7ca1ab45fafdaf6fa7f7e4087c978550ffc33fde0edfe2726f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5636508592e629aca20ca0f200f1e7279a9fe148b136e13e3400880cdec7aaa7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a786f354eff6e5c74290888da449fc605b0499d4358bf85cc08e21ac744e8ec
702bb82879fc71121378ccfc7e38d830954c263b503dfbfc7692a104ee9132ae
7b9844cf427627161da169bde0509eb3b4f3e411db2fbd4714e539ca1f06f366
82b89658e216d78d0820afd3b0f51ae7b2f472d1b7d8abd61ac9deb784c825fe
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
9417db46129124b0513d79f2edb995ce3fcd7631994ad73946802096f81cd819
94811670b426be8a71aa9f5d4e1e2b459c8806f638bfe70e56e0610df22336d5
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac86409719030cfd727f4150b3596e609f7aab7b1539ae05a49d150d1c42ec42
add398fda6c0c4fcc060df9b1b14db02d156899d8e4276b3f55c3a2915149c4d
b49342ebbe80604cf9644cc86d470c9295184f99e0ea5640c59b088b465ee41e
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c9c45acb80dc948d241db7271ebc55622b996b2d9cdc9cb3a1d305dd8ef6dc07
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d8d25a0245e0d58fcd45ece08fb8cd4287eccf157eec0893047346b9e2c0b878
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a609632060c1ff669dc514741cc0e97bb38660bc76aaa303d241413f9471d
e7863c2ea96f11d90a3d8fb941d54ff51d2fa9e222448afaa6ccf7de7aeb1e17
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0
f31ca6e6b19cee07c15840fce412805fd6772532b43523180699866dde2522c7

sports.ngaokiemkyduyen.vn Open in urlscan Pro 2606:4700:3037::6815:2007 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

96 %HTTPS

91 %IPv6

8 Domains

11 Subdomains

12 IPs

1 Countries

1308 kBTransfer

3805 kBSize

4 Cookies

2 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sports.ngaokiemkyduyen.vn Open in urlscan Pro
2606:4700:3037::6815:2007 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

96 %
HTTPS

91 %
IPv6

8
Domains

11
Subdomains

12
IPs

1
Countries

1308 kB
Transfer

3805 kB
Size

4
Cookies

103 HTTP transactions
2 data transactions