security.phuotdi.vn Open in urlscan Pro
2606:4700:3031::6815:7e0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://security.phuotdi.vn/
Submission: On February 22 via api (February 22nd 2024, 5:39:18 am UTC) from US — Scanned from US

Summary HTTP 74 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 9 domains to perform 74 HTTP transactions. The main IP is 2606:4700:3031::6815:7e0, located in United States and belongs to CLOUDFLARENET, US. The main domain is security.phuotdi.vn.
TLS certificate: Issued by E1 on February 5th 2024. Valid for: 3 months.

This is the only time security.phuotdi.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3031::6815:7e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1 5	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4024:c02::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:4::8	15169 (GOOGLE) (GOOGLE)
74	14

10 2606:4700:3031::6815:7e0 (United States)

ASN13335 (CLOUDFLARENET, US)

security.phuotdi.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:806::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:820::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4024:c02::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:4::8 (United States)

ASN15169 (GOOGLE, US)

rr3---sn-ab5l6nrs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	541 KB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 663 www.google.com — Cisco Umbrella Rank: 2	74 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	131 KB
10	phuotdi.vn security.phuotdi.vn	232 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	97 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131
1	googlevideo.com rr3---sn-ab5l6nrs.googlevideo.com — Cisco Umbrella Rank: 24048	1 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 2768	25 KB
74	9

	Domain	Requested by
15	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	security.phuotdi.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	security.phuotdi.vn	security.phuotdi.vn
6	www.gstatic.com	googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.googleadservices.com
2	csi.gstatic.com	www.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
1	rr3---sn-ab5l6nrs.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
74	13

This site contains links to these domains. Also see Links.

Domain
generatepress.com

Subject Issuer	Validity	Valid
phuotdi.vn E1	`2024-02-05` - `2024-05-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-02-13` - `2024-04-23`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://security.phuotdi.vn/
Frame ID: 264AF1EB666606FCF7BC66754143D86C
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/zrt_lookup_fy2021.html
Frame ID: C79106516176565F740A1D9CF77DE770
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4103683223703121&output=html&adk=1812271804&adf=3025194257&lmt=1708580354&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fsecurity.phuotdi.vn%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708580353839&bpp=3&bdt=106&idt=275&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4142063138274&frm=20&pv=2&ga_vid=856207187.1708580354&ga_sid=1708580354&ga_hid=1924222718&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95324581%2C95325069%2C95322329%2C95320870%2C95324154%2C95324161%2C95324435&oid=2&pvsid=1962661294626674&tmod=895420446&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: 4AF52653B0379E34D4F4EE6164A3498C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4FA0DF493B80B515250CED39E90E4165
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4341AE35D1CD6FD6562F1A712AD89876
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0B8B77AA9FAAE29BBFA09A08CE648065
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F72B8BAC407267B361A4D896322AB633
Requests: 15 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019
Frame ID: 0B16619B14B1EA7000085F4276F7647A
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js
Frame ID: 57D6F9385C69E191596A2B44D2393500
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js
Frame ID: 495DCBA3C50E1FD4956F17D4438A5038
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

security.phuotdi.vn

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

74
Requests

97 %
HTTPS

92 %
IPv6

9
Domains

13
Subdomains

14
IPs

1
Countries

2207 kB
Transfer

3905 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://googleads.g.doubleclick.net/pagead/adview?ai=C5DW4At7WZeD9CbLqxtYP9d2x-ALAptj_dYajrdLFEq2GgKSSDhABIMTe-Hhgycapi8Ck2A-gAbygxMUoyAEJqAMByAPLBKoE6wFP0HtplsYoU_jO2nyfC1a5WHLwLC8VuatogbYERLmCrxarZejGHWGJyV6jGliYnA-EyrBJ4dFUDFVZHDfjPzSZOlnaf-SYuRdkAalVVPlXZOM4MsCY6m-xVJ_I_Lt4xT6-Yp46tUg1JnNfK8kPDK-n9PRIx8AyWtanavVwKNMTms_zNthwv8TXGlB_FTA958dQNnASnQX9xKyT1qjIW8p0hbHVMjIt4EunAXkbCqD2i3Abh-ozS4B6zCKlIlYWfEkSHjq509Ml9B0V_9pfLabBTTQ11LiURibxRJVgpZzvaDgElPG1bDKx43kiwAT9mMLzxASIBcWWlrJOkgUECAQYAZIFBAgFGASgBi6AB7zYlKUDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwUQ58X0BNIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOlifzdHonb6EA5oJPWh0dHBzOi8vd3d3LmZvcmV2ZXJkaWFtb25kc255LmNvbS9wYWdlcy9jdXN0b20tZGVzaWduLWlucXVpcnmACgHICwHaDBEKCxCgguX9p72YjtEBEgIBA7gT5APYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNDEwMzY4MzIyMzcwMzEyMRgA&sigh=x0Z-NVT-T8M&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf__s2nfHJWDB_NikahSPFBiNglP_FArD1_w94sCjosBOEROOJhxoQ-0yFcEncwTl_WcEg2ApXeWVlOK1cVFJvYdm1JxKSpEbkLNXkYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9e1bb2f706a268b10000000000000000%22,%222%22:%220x405bb4a90ca399f70000000000000000%22,%223%22:%220x6f637137de2254f60000000000000000%22,%224%22:%220xaeba757d159fbcc10000000000000000%22,%225%22:%220x488ad203e862eb280000000000000000%22},%22debug_key%22:%222207651679587726160%22,%22debug_reporting%22:true,%22destination%22:%22https://foreverdiamondsny.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210883239996%22],%2222%22:[%22true%22],%224%22:[%2202-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216723673945874640289%22}&andc=true

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
security.phuotdi.vn/ 61 KB
11 KB 723ms
494ms Document
text/html 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://security.phuotdi.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b48454867872bffe76d88366442b6a5aea18eb7c74ac7f334bdabd0c203f28

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8594e327bd694392-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Feb 2024 05:39:13 GMT
link: <https://security.phuotdi.vn/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z%2FHl4JAGp%2BZRJ5TN1gvXvqWRU3k1vxiljGDjbuWn2n9Ernn8baG%2BePSbah0YhD0MNm5sAq3kICauE2P5mFKgUNNTEmN1QXPuE6CARaGrI2NeYLGngZXFyC%2BE2E%2BDwDqE3AWC5N2Q43B0H2oU7z4tOXX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-ua-compatible: IE=edge

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 73ms
49ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4103683223703121

Requested by

Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bc763e1d5c486d7ccd0afbc54e43ec0b945e639493eb71afc67085bcc8dce85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
Origin: https://security.phuotdi.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51015
x-xss-protection: 0
server: cafe
etag: 7196660447454166418
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 22 Feb 2024 05:39:13 GMT

GET
H2 200 style.min.css
security.phuotdi.vn/wp-includes/css/dist/block-library/ 108 KB
15 KB 21ms
19ms Stylesheet
text/css 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://security.phuotdi.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Feb 2024 01:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 97846
etag: W/"1ae43-65d4040c-11f7b20;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Bc25Xt6qkFBGZH4djYckqM%2BE52uDn3is%2F03mDxHOscFJa7gRn%2BiVJgoNZxwhdZ%2BLXMzsC1HBFqshEzbfbD0MyCRkmos7rt7opYNcLgg%2B1LVwTtnRqQn7OKs70ogFtJmVXTQRRZQNAccu85%2BmE2uSYxv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8594e32ad86d4392-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 28 Feb 2024 02:28:27 GMT

GET
H2 200 main.min.css
security.phuotdi.vn/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 18ms
17ms Stylesheet
text/css 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://security.phuotdi.vn/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Feb 2024 15:17:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 97846
etag: W/"4c6c-65d4c27a-11ff5fa;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWVCWf4vF5Lifw9oFBheJ3dPL5OOrt9UTQXvDUCI%2F%2FnnM%2F9ycdz6CaE0%2B9JW4rNWvdVYGCr60q4TNSE6SIUm05O1vigkn4rmwPVlooORU7zHW8TlVJRPYTla6nHFunrqt3FRG6p2a2H0NRVjh9TFFwMc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8594e32ae86e4392-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 28 Feb 2024 02:28:27 GMT

GET
H2 200 home-security-las-vegas.jpg
security.phuotdi.vn/wp-content/uploads/2024/02/ 36 KB
36 KB 13ms
12ms Image
image/jpeg 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://security.phuotdi.vn/wp-content/uploads/2024/02/home-security-las-vegas.jpg
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59a1394011a2223c735bb5ec3725aec8eea1211a7462ba45aa2dc43f3b98f96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97845
alt-svc: h3=":443"; ma=86400
content-length: 36829
last-modified: Tue, 20 Feb 2024 15:34:09 GMT
server: cloudflare
etag: "8fdd-65d4c671-11ffb6a;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iy6UcKbXGMPCJtMmtQkH4yF8S4UMCDr2YPAtYUtws%2BkRqxJK3y2aCEoyacOpQAP1PQtKYSqyJPZ64hSGE28OCfLNuqD%2FEybzn5vhKFEVJLCC%2FBHP2kponxP6NZQWU3%2Be%2FICPQVl2QiIw%2B9S59GJftmu4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8594e32ae86f4392-EWR
expires: Wed, 28 Feb 2024 02:28:28 GMT

GET
H2 200 cyber-security-courses-for-beginners.jpg
security.phuotdi.vn/wp-content/uploads/2024/02/ 30 KB
31 KB 14ms
14ms Image
image/jpeg 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://security.phuotdi.vn/wp-content/uploads/2024/02/cyber-security-courses-for-beginners.jpg
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6d1bd51679a10f4d3d88ae85fd5358c6c0ca2f3d6d121c9672efa9bfac0798b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97845
alt-svc: h3=":443"; ma=86400
content-length: 31058
last-modified: Tue, 20 Feb 2024 15:30:26 GMT
server: cloudflare
etag: "7952-65d4c592-11ffb25;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrMns6eAbmWvXeOBKxxFlOVw79xZMkoewld5tEVQqP7asX3mtRf1x%2F7xJLWV6cKCz1H9jy0cZBllsq9WeRWT54t8MiP4XkFU4zz9lFTKUdoEJc4FKMy%2FKrKtd0gq9%2FCKuioo%2BDXmhEsUG%2BgKBeQsdZQK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8594e32ae8704392-EWR
expires: Wed, 28 Feb 2024 02:28:28 GMT

GET
H2 200 security-system-near-me.jpg
security.phuotdi.vn/wp-content/uploads/2024/02/ 51 KB
51 KB 19ms
18ms Image
image/jpeg 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://security.phuotdi.vn/wp-content/uploads/2024/02/security-system-near-me.jpg
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea695e99484721b186d6ed99ff7806dfdfe83794f7508897a5be11cbc97f3c36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97843
alt-svc: h3=":443"; ma=86400
content-length: 52082
last-modified: Tue, 20 Feb 2024 15:29:29 GMT
server: cloudflare
etag: "cb72-65d4c559-11ffb12;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExoqhVd4offz8cl2aPo%2BQebVQVDJLI0nSZYDO7dr2tVHDGNbE%2FpyA2RtBR%2FE%2BYd6KAoNLUhby3u3cBiF4w4Q%2FURR4e%2BxZwwLWBO3WmY1fw32ze6YXeCZJH9mvq%2FDhY5%2BeLDQDEpWA4vEJT5Ao6nbFlPD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8594e32ae8714392-EWR
expires: Wed, 28 Feb 2024 02:28:30 GMT

GET
H3 200 menu.min.js Show response
security.phuotdi.vn/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 13ms
12ms Script
application/x-javascript 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://security.phuotdi.vn/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Feb 2024 15:17:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 102083
etag: W/"1b2d-65d4c27a-11ff61f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a%2BHuCB8CnvRVPd2TxhnRS5e6eZTwjMOaZ9vIJ9waVkU7xqv9h0Gq80XanRkU7K0yxIk61KtG0AyrkDLrS8wSVsfQ8Wn1SICmQxsQEwLoy5hOnDLqOGlGcvfaw2Br4E7s%2Fo5nBrNN6V5tU%2B%2F%2BdlWbfFm"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8594e32b0a471a28-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 28 Feb 2024 01:17:49 GMT

GET
BLOB 200
OK e2890e03-85f3-43b0-af6e-8166698953d3
https://security.phuotdi.vn/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://security.phuotdi.vn/e2890e03-85f3-43b0-af6e-8166698953d3
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 home-security-systems-monitoring.jpg
security.phuotdi.vn/wp-content/uploads/2024/02/ 22 KB
23 KB 12ms
11ms Image
image/jpeg 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://security.phuotdi.vn/wp-content/uploads/2024/02/home-security-systems-monitoring.jpg
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da2fc645a0e632f612db16ef964d8a9e9c0f65f2beb57e55d8635baa54f48eb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102083
alt-svc: h3=":443"; ma=86400
content-length: 22933
last-modified: Tue, 20 Feb 2024 15:27:14 GMT
server: cloudflare
etag: "5995-65d4c4d2-11ffad3;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiBDbMl8ebjvqggBljDrjv%2BCuOXfHY082TXlbv%2FoGNfTOmMTDKmUPnvZdaWHCvAU4Os6DyhfYyTn38vgDDFCzBReUGSP7zvdMxszZQD3iwcTiaYLzTi0iIGLAHO1Q07yUXQ8ZqgSHChzigdmb0BFeBRM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8594e32b3a5d1a28-EWR
expires: Wed, 28 Feb 2024 01:17:50 GMT

GET
H3 200 security-content-automation-protocol.jpg
security.phuotdi.vn/wp-content/uploads/2024/02/ 52 KB
52 KB 16ms
15ms Image
image/jpeg 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://security.phuotdi.vn/wp-content/uploads/2024/02/security-content-automation-protocol.jpg
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d5508122dac7b7409623f9fe2c2f4644631af0df47ad297cf9db96f160e470d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102082
alt-svc: h3=":443"; ma=86400
content-length: 53125
last-modified: Tue, 20 Feb 2024 15:25:28 GMT
server: cloudflare
etag: "cf85-65d4c468-11ffaca;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmCbvNs%2F1DziUGHXZBohptqGjdELO2H0lFwH707uaQqo8Mha3yBWGcWA%2FqIsa2TneBhw%2Ff4U%2B1DfbC%2BFtcCnmaXLjfYO8HpZxmJS5Ne%2FchXKj6BKOH76y596NUaIfVk10FdPbFXAiIr0ztPu2qTZxDid"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8594e32b3a5f1a28-EWR
expires: Wed, 28 Feb 2024 01:17:51 GMT

GET
H3 200 wp-emoji-release.min.js Show response
security.phuotdi.vn/wp-includes/js/ 18 KB
5 KB 19ms
18ms Script
application/x-javascript 2606:4700:3031::6815:7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://security.phuotdi.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Feb 2024 01:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 102079
etag: W/"4904-65d4040c-11f81fe;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3Z4bu45B0a%2Bb7pzFTlH75CwnfNjzTDZ%2F%2FrTCEAuN1jIaixVDNQv29yjJtkWI9YNtfWZpDb8lGAdLDCdrEesJNsRNk8WRs6cXP7gsu%2FeNGGNT91dn8meSuCIlmDQnLZo3RKmJeOLXA4VpM%2FxLTHHFX2S"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8594e32b6a821a28-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 28 Feb 2024 01:17:54 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 407 KB
138 KB 75ms
61ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4103683223703121

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f13624632e913d3810fff3a1d5d50ba10fe32614ca3cf7260858934eded5514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141307
x-xss-protection: 0
server: cafe
etag: 86074580579733411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 05:39:13 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/ Frame C791 9 KB
5 KB 22ms
3ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4103683223703121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 05:03:06 GMT
etag: 3890843268177463596
expires: Thu, 07 Mar 2024 05:03:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4AF5 347 KB
84 KB 826ms
825ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4103683223703121&output=html&adk=1812271804&adf=3025194257&lmt=1708580354&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fsecurity.phuotdi.vn%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708580353839&bpp=3&bdt=106&idt=275&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4142063138274&frm=20&pv=2&ga_vid=856207187.1708580354&ga_sid=1708580354&ga_hid=1924222718&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95324581%2C95325069%2C95322329%2C95320870%2C95324154%2C95324161%2C95324435&oid=2&pvsid=1962661294626674&tmod=895420446&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=294

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c6948b72aadb28e97e9461922b1299399cfa05a2acc897db6b6dea240dd7f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 85772
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 05:39:14 GMT
expires: Thu, 22 Feb 2024 05:39:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 51ms
50ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240220&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18fd761756c63d9ae89e2a657c5c1b656da252b035ba3f8fa8bc69dfbae0e801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12274
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 166 KB
56 KB 46ms
46ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7bb6269fb38cb284443e21d6646d409a8e3ab7ca16d9d99963d7a285e2a018f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57350
x-xss-protection: 0
server: cafe
etag: 3114547685121025156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 05:39:15 GMT

GET
H2 200 ca-pub-4103683223703121 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 194ms
44ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4103683223703121?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

651c679fec15380072de17a1cd6fe8f66a34811988301bb5c07b3779b2e30a68

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IZGrmcZUhifuBLSJIOj86w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-IZGrmcZUhifuBLSJIOj86w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj6mHU4pJi8NCQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6O5j2317EJHLjemAMAPYQ_yg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 47ms
27ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 05:39:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FA0 13 KB
5 KB 6ms
4ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 05:06:04 GMT
expires: Fri, 21 Feb 2025 05:06:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4341 829 B
1 KB 42ms
28ms Document
text/html 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25c7ff6fb41b768e05a24dfb9fbd8f5fc9e2d7efadd0621db2dc01b16586f583

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ezQuvkjz7cWFXcnyTmSitg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security.phuotdi.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ezQuvkjz7cWFXcnyTmSitg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 05:39:15 GMT
expires: Thu, 22 Feb 2024 05:39:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/ Frame 0B8B 9 KB
4 KB 5ms
4ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 16:39:06 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 16:39:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/ Frame F72B 9 KB
4 KB 4ms
4ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 16:39:06 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 16:39:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxULpJfmZvL-3Id2XpfXd1YYGXg6dzZlme1vZffrrT4Tb4zkBOM_DSJC2ug3MtO6kP73WBx_ho184KLZEfAFYHg42QGhd59t5tESrX92_BhjBazYtJwAbreNrvcxzvHmT4TUC50MZQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 38ms
38ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxULpJfmZvL-3Id2XpfXd1YYGXg6dzZlme1vZffrrT4Tb4zkBOM_DSJC2ug3MtO6kP73WBx_ho184KLZEfAFYHg42QGhd59t5tESrX92_BhjBazYtJwAbreNrvcxzvHmT4TUC50MZQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4NTgwMzU1LDMzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zZWN1cml0eS5waHVvdGRpLnZuLyIsbnVsbCxbWzgsIjJiYmZXclc1OHB3Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2bbfWrW58pw.es5.O/am=wA/d=1/rs=AJlcJMwqbpGH3HIJje-6FO0XBHPaXSUE6Q/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eef391ac5c3c49beeaf1ef54cb149f0a2085c10ab353077eaf1a659715c23626

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WKsHRMGQrj1_hqgj9dANxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-WKsHRMGQrj1_hqgj9dANxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NWQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O5j2317EJHNj9fSUjAIG2QGg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0B8B 5 KB
1 KB 33ms
17ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 05:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 05:01:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 05:39:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0B8B 205 B
296 B 26ms
4ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:56:15 GMT
x-content-type-options: nosniff
age: 567780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 15:56:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0B8B 604 B
920 B 25ms
3ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:13:26 GMT
x-content-type-options: nosniff
age: 545149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 22:13:26 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 0B8B 15 KB
6 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 21:56:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 0B8B 22 KB
9 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:01:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F72B 4 KB
752 B 28ms
18ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 05:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 04:59:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 05:39:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F72B 2 KB
822 B 4ms
4ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 16:59:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame F72B 23 KB
9 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 13:15:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F72B 3 KB
1 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F72B 20 KB
8 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F72B 204 KB
61 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 06:25:45 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame F72B 36 KB
15 KB 10ms
2ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 May 2024 02:53:57 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/14596805387503838905/ Frame F72B 41 KB
42 KB 39ms
37ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14596805387503838905/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7283bca67854c2694b3a18dd6e4aa2b4ac35432d445fa86fe7d9756801e215c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Thu, 22 Feb 2024 05:39:15 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42473
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 16:48:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Feb 2025 05:39:15 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16306164251250634202/ Frame F72B 2 KB
2 KB 7ms
6ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16306164251250634202/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d1e565fd4815269425771c099086092faf2a481dc16be11ae42dad8f8f0605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 19:03:28 GMT
date: Tue, 20 Feb 2024 19:03:28 GMT
x-content-type-options: nosniff
age: 124547
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1589
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 15:56:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FA0 39 KB
15 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:00:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 05:00:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4341 0
0 38ms
38ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240220&jk=1962661294626674&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

GET
H2 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame 0B16 8 KB
4 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 03:56:12 GMT

GET
H2 200 bdaa89edabb5f812f15479a6dc106db6.js Show response
www.gstatic.com/mysidia/ Frame 0B16 175 KB
64 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bdaa89edabb5f812f15479a6dc106db6.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11986fd1410d9d7d72141915e02ccc642d65f74aebaa8d732d186742305fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65434
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 May 2024 01:54:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0B16 8 KB
1 KB 24ms
19ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f9c8e8bc991879beac20d773034e76bf154576b50d177b0575836ae9be52c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 05:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 04:26:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 05:39:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 0B16 2 KB
822 B 6ms
5ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 16:59:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 0B16 23 KB
9 KB 10ms
7ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 13:15:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 0B16 3 KB
1 KB 14ms
11ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 0B16 20 KB
8 KB 13ms
10ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0B16 204 KB
61 KB 10ms
7ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 06:25:45 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 0B16 36 KB
15 KB 8ms
4ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 May 2024 02:53:57 GMT

GET
DATA 200
OK truncated
/ Frame F72B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2dc0d0fb0a0173ba556645487c193cd6c325f7b5ac6e8ce4fe40303a9b14711

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F72B 15 KB
16 KB 21ms
4ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:25:26 GMT
x-content-type-options: nosniff
age: 540829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:25:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F72B 15 KB
15 KB 21ms
5ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 568925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0B16 0
225 B 84ms
31ms Ping
image/gif 2607:f8b0:4024:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lswsmnru&c=2568247256619&slotId=1284123628309.5&qqid=CN2G0uidvoQDFTK10QQd9W4MLw&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bdaa89edabb5f812f15479a6dc106db6.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c02::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 05:39:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/EmKwfmAg-s4/ Frame 0B16 24 KB
25 KB 30ms
4ms Image
image/jpeg 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/EmKwfmAg-s4/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e8bbbdcacafaa21102716b55c301c0cbdc1f34a5eb2c803e483a1e0591a5737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 04:47:02 GMT
x-content-type-options: nosniff
age: 3133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24945
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Feb 2024 06:47:02 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F72B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5DW4At7WZeD9CbLqxtYP9d2x-ALAptj_dYajrdLFEq2GgKSSDhABIMTe-Hhgycapi8Ck2A-gAbygxMUoyAEJqAMByAPLBKoE6wFP0HtplsYoU_jO2nyfC1a5WHLwLC8VuatogbYERLmCrxa...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9e1bb2f706a268b10000000000000000%22,%222%22:%220x405bb4a90ca399f70000000000000000%22,%223%22:%220x6f6371...

0
0

89ms
75ms

Fetch
text/css

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9e1bb2f706a268b10000000000000000%22,%222%22:%220x405bb4a90ca399f70000000000000000%22,%223%22:%220x6f637137de2254f60000000000000000%22,%224%22:%220xaeba757d159fbcc10000000000000000%22,%225%22:%220x488ad203e862eb280000000000000000%22},%22debug_key%22:%222207651679587726160%22,%22debug_reporting%22:true,%22destination%22:%22https://foreverdiamondsny.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210883239996%22],%2222%22:[%22true%22],%224%22:[%2202-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216723673945874640289%22}&andc=true

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9e1bb2f706a268b10000000000000000","2":"0x405bb4a90ca399f70000000000000000","3":"0x6f637137de2254f60000000000000000","4":"0xaeba757d159fbcc10000000000000000","5":"0x488ad203e862eb280000000000000000"},"debug_key":"2207651679587726160","debug_reporting":true,"destination":"https://foreverdiamondsny.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10883239996"],"22":["true"],"4":["02-22"],"6":["true"]},"priority":"500","source_event_id":"16723673945874640289"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 22 Feb 2024 05:39:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Feb 2024 05:39:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9e1bb2f706a268b10000000000000000","2":"0x405bb4a90ca399f70000000000000000","3":"0x6f637137de2254f60000000000000000","4":"0xaeba757d159fbcc10000000000000000","5":"0x488ad203e862eb280000000000000000"},"debug_key":"2207651679587726160","debug_reporting":true,"destination":"https://foreverdiamondsny.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10883239996"],"22":["true"],"4":["02-22"],"6":["true"]},"priority":"500","source_event_id":"16723673945874640289"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 206
Partial Content videoplayback
rr3---sn-ab5l6nrs.googlevideo.com/ Frame 0B16 1 MB
1 MB 168ms
130ms Media
video/mp4 2607:f8b0:4006:4::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-ab5l6nrs.googlevideo.com/videoplayback?expire=1708609154&ei=At7WZc7mNMWHvPIPur6QyAI&ip=2a0d:5600:24:1500:1012:e044:9ef1:b793&id=1262b07e6020face&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=AQ&mm=31&mn=sn-ab5l6nrs&ms=au&mv=m&mvi=3&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=13.374&lmt=1672640897382238&mt=1708579971&cpn=zsbiHnNza-v44xC-&txp=6219224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRgIhAJL4rXdnC55ZIgnLy-jFRy_s8mv2ykLiqwNNBg_9ohMAAiEA93TqGzd1P1-8l4TXWSyq0xQ18W_3Xbb3u1if-wHIt3k=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=APTiJQcwRgIhAOUkGdp8fXSmRGR4Pqk9iHSFyAtLUZ5nr7-jatl_1AmXAiEAwigUL6snwoN1GkkFEcq-igPgpT4K1MjOCS17_e2KpQs=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:4::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c3b89a82e07543c6e2847980404c91d7f20b9db1aef83f0c7471cb7c69e513d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 22 Feb 2024 05:39:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 02 Jan 2023 06:28:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1130829/1130830
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1130830
Expires: Thu, 22 Feb 2024 05:39:15 GMT

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 57D6 51 KB
19 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Host: security.phuotdi.vn
URL: https://security.phuotdi.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:03:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4FA0 0
10 B 3ms
3ms Image
text/plain 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Xfpgdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 93ms
74ms Preflight
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 22 Feb 2024 05:39:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 495D 51 KB
19 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:03:54 GMT

GET
H3 200 ads Show response
fundingchoicesmessages.google.com/f/AGSKWxUWtf9zBYV4tZ9Z2RL0kleq3lBIV8ACPlFWrheAygqVb_v68DsdeAi6S5tmM7bbzgaltRSz9F7uHtkQhBz69knBKnT9d0IxS04pS9ii35frsHz9bu04bhQLS_k5GV9l6xrkXvCucD0ICIDKAB2x8B_WD4JF6... 54 B
110 B 31ms
31ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUWtf9zBYV4tZ9Z2RL0kleq3lBIV8ACPlFWrheAygqVb_v68DsdeAi6S5tmM7bbzgaltRSz9F7uHtkQhBz69knBKnT9d0IxS04pS9ii35frsHz9bu04bhQLS_k5GV9l6xrkXvCucD0ICIDKAB2x8B_WD4JF6HEpHWr14TSSpqI4FlwHrNqbJlarPbw4/__300_250_/v3/ads?.728x90//advert2.-120x240.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2bbfWrW58pw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwQlkBqXSKbD60UF2xBQWptXJNIrg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed87fd277952e1cad2280fc222f366c7b36a571af335ec235766378edb0d4b67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t3kj2wiblhuLrtGz8EpNxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-t3kj2wiblhuLrtGz8EpNxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NCQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6Olj2317EJbPi21w4APfU_6A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 4ms
3ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 06:01:29 GMT

POST
H3 204 AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 38ms
28ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NYSV4e3mGjXjVG5dTFtvAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-NYSV4e3mGjXjVG5dTFtvAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw0JBiWMS_i6mW4RlTKxAz_nnBxAnE7yRfMX0D4h0-HixO6TNYQ4BYiJujZc_tdWwCO05_cwIAfwYWww"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://security.phuotdi.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 30ms
29ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3td9PXibXagZOppkuqKaVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3td9PXibXagZOppkuqKaVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi5mjZc3sdm8CGL2dCATDtFWE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://security.phuotdi.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 30ms
30ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fZbSf1Y8mVKbjIkx54GBTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fZbSf1Y8mVKbjIkx54GBTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi5mjZc3sdm0DD3x-hADF0FWo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://security.phuotdi.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 30ms
29ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-soW7ZcDUzpkToFSiQqXkfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-soW7ZcDUzpkToFSiQqXkfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi5mjZc3sdm8CDfWvCAC_DFTc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://security.phuotdi.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWFMt0JpLj1Uz11SM31iWr7acIZBlRtNymGbSla7R0I2TLtLft69-z-0qJMrBf7dW-03FVdGqAa2QDIHhVZoSiKNCYMgfKlnmAXw8iaLoBJ15X43o0m-y-C6E0SnJMwNpYM8WfQUQ== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 57ms
57ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWFMt0JpLj1Uz11SM31iWr7acIZBlRtNymGbSla7R0I2TLtLft69-z-0qJMrBf7dW-03FVdGqAa2QDIHhVZoSiKNCYMgfKlnmAXw8iaLoBJ15X43o0m-y-C6E0SnJMwNpYM8WfQUQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4NTgwMzU2LDE2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc2VjdXJpdHkucGh1b3RkaS52bi8iLG51bGwsW1s4LCIyYmJmV3JXNThwdyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a2167a1f79263b8e9a039ad4563e38b8583bdf6a572184b53c82e5550b2b4c7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MfZ4jOi22S5H532Vhm9ioQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MfZ4jOi22S5H532Vhm9ioQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJicNaQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6Olj2317EJXOiYGg0AOg8_ig"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 30ms
30ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0m5sVYZXBB7-2gN0MVbO6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-0m5sVYZXBB7-2gN0MVbO6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi5mjZc3sdm0DDkv4SAC6tFMI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://security.phuotdi.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWBQdeXWGGyPIDc1OFmJs4PDW0W-zvvOuu7YqU4qImwxBD1AZ15V4u3lvRkc9P2K1eQh3gZaNKoGvTWHDXjdnm9F_e6EIBpAt6IJ-kALKeUDeIfxNHTwAaWBaCOWKnu82S1KbIIxw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 38ms
38ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWBQdeXWGGyPIDc1OFmJs4PDW0W-zvvOuu7YqU4qImwxBD1AZ15V4u3lvRkc9P2K1eQh3gZaNKoGvTWHDXjdnm9F_e6EIBpAt6IJ-kALKeUDeIfxNHTwAaWBaCOWKnu82S1KbIIxw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4NTgwMzU2LDIyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc2VjdXJpdHkucGh1b3RkaS52bi8iLG51bGwsW1s4LCIyYmJmV3JXNThwdyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b12114d70fbd6771a944a63b250f24b1616915103865c19cd1744270e846361c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qtLtbofO8L-T4xTh-eFbyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qtLtbofO8L-T4xTh-eFbyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJiCNSQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6Olj2317EJ_Li1vQIARCxAUQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 37ms
37ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240220&jk=1962661294626674&bg=!WFulWxTNAAZ3BdUuVwU7ADQBe5WfOIiFd2_s5pT7Oz2F3S7vFNE6J7Q7vQoFtmG2eGIF6_ITYs8LoRqDYnkwTZ9amsNOAgAAAONSAAAAAmgBB5kDJU0ApYl-eiJXBVcdz1tshFFk4x6Uf77zmLIMWYFxhm0RX54IcISgIXPvFkO4jVj8NO7pJ_X41qsrmU6esrNdnPTAvovYjkafU374aBNWGD7CZ1ViwtgL3QtBrvPVlCPCzp4B26VrzJTX2OM70ZgLT8J7QY3c9jJ_oM9WlM8z49s1pyOxcGzrt1C1aWxFXNg9UtRlXM6vNbdz4jiZYE6KF_x59f4bwG_vuhkjv8FINIsJB-CDoGs1FwmrTv0YbLvbE9kALVyu9aLttsNOiIxhKKkh-dyCebjL49lDrCf-tAiIarrpbyihTDH3rPUKDtzFrt4hs79qtt4X_iURa2PJvN3Nh9ZRmN2IHwQ2D59zK_KjvH0hiK2Jye_aPo5mYXVD3WLQdcOf0YXwUN7z6G-PMgrb99HP7Odn2wlcenOXRE1XuVZB6AxKvW1Zm-axoIM0TpfVnAxcgKaTh3n-uOUt-04_4k1IvAWKBEG8g4i3mRnOcdURQfVpTY-KhgjVT_DhP-qZZ1I3b0EWVUVeogQ518-vulkmsAup-7IzSTqmvT4JNlGZq79TaIi5zY9cfFZXE-0fTDRbFRoHEY8ZGtXE4vEfWRxl_BXJakx7gTxQUaoTPvtvZ8ApLkq8TRwfRyhnFAYsakEpxAwK11v69VJ0Mjz16cIBHwgIph2QfC8szx-GrefIoIroc24z9aU2nitlUEp7GG3We4sBjmcTZsbiA9vKmikLMrxWp3ZAb3Ov8nZtZk66sEF5EfTauOlaFr3rc0Y4EeFGej2K8km8dKFWMSXX1qBkmnhMkGzzKyKw23fhjUg62a7oqJM8_ST5WokEIOSwJzhO9ivDGIH3JEHkyT-eJdb3jo9oU4yHeEgVrSuILMVaO7RcJQFf8O-ZsAzgs76eFaikWAXFnQqQYxbdqZp7GjagglthWH0UD4nlxZeQQP33ENe-EbuEZporR_0VXwo2vuJBHQKfQoaDZ2qKcMOVU7inSWE585uv5Z6S79YKjDeuH_Rcx_yrWoZqzqnXcvaROK3P6TtGm84Ug_L6bHTPXa-56ZWX8_lXgxY7WiMibvxxdrU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

GET
H3 200 AGSKWxVcuxHzxRFrjszcEabG-aD2FrsvQ21CjmOL4-EA8JpLE-RDL3BzEL0zzeIDf_5Evn-iCFznc5Ay5q6Mv_PlhPPEjmPfB7xoarlQbjPiHfVtD9FUV0LE02RvybNNa8l-grIDgWYiGA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 41ms
41ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVcuxHzxRFrjszcEabG-aD2FrsvQ21CjmOL4-EA8JpLE-RDL3BzEL0zzeIDf_5Evn-iCFznc5Ay5q6Mv_PlhPPEjmPfB7xoarlQbjPiHfVtD9FUV0LE02RvybNNa8l-grIDgWYiGA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4NTgwMzU2LDI2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zZWN1cml0eS5waHVvdGRpLnZuLyIsbnVsbCxbWzgsIjJiYmZXclc1OHB3Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55eecd39401e4f6f367b290992eed79839c0974f2c5fb58999a3b9eeac758237

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JYgh1fSXzJmqX7jNtvxvDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://security.phuotdi.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JYgh1fSXzJmqX7jNtvxvDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KshxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumsKkBsuH46ayQQxzyfzpoCxItZZ7CuBmKn9BmsIUD8OXMG628g9qmfwRoHxEI8HC17bq9jE1ixeH0vIwCHIkTj"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUaviHvRI9qRwZr9NgBsjYW8I31qJTItjXe7MsDyp5D3gPoolTTw3iMvvVSYuR_g1SouJLvogvmfnCg1J988t5VLGdTZLh9Qrp42HK9nA7JAJWFV8b41B2yzX4sLoV3gWDjmkIJwg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 31ms
31ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUaviHvRI9qRwZr9NgBsjYW8I31qJTItjXe7MsDyp5D3gPoolTTw3iMvvVSYuR_g1SouJLvogvmfnCg1J988t5VLGdTZLh9Qrp42HK9nA7JAJWFV8b41B2yzX4sLoV3gWDjmkIJwg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xwZig4sZ22Y_MJJWZUUwjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xwZig4sZ22Y_MJJWZUUwjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4WjZc3sdm8CLp-fmMQIAR2QV1Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://security.phuotdi.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 28ms
28ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjVs-X_V-F0mWf2VTBNhEJeg5d-ifl4r3F5LSioiGuN9ppqSBCx3lWE5iFNFPHUSPxg4IooLkHWBSE7NFOreaTs-57rwODkQDNjlvUy7-IFF4WZf5vANgOoRom5Xf3mfMm_WUYJg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AdNQ-0RrcJf7dqs2qRPaFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://security.phuotdi.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Feb 2024 05:39:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AdNQ-0RrcJf7dqs2qRPaFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4WjZc3sdm8CEBdfmMgIAQsgVNg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://security.phuotdi.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F72B 42 B
64 B 40ms
40ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7FomMXwIU_uYbJAbmOC3U2jCSSrps6SlBab3ORBebBxAG3GLYblQxByzUILQuPJJwPVN1wtxWBGwLvB1Cmqj6MGvSR0At0ghQujh3fHApwL6zs3FGnaLYZmH_qHKTZkU1sDUHeHbjSlRSHKrZWzD-6PxMFUcFu40&sai=AMfl-YQrnwNt-DYee1dAFa848T0u2Br4fRN0Hgg9nnR5wfeBUqUmWqHbWmZiou47lQsyubaqexHn6McZFKpTrkxh3u5MgGlotHkWcb3DuvV6KdJTtZZ7qApyYU3D3Vx1q4_1b0XoElurhp2Ylxi8UXO14g&sig=Cg0ArKJSzIYdYjGsFeHHEAE&cid=CAQSTwAvHhf__s2nfHJWDB_NikahSPFBiNglP_FArD1_w94sCjosBOEROOJhxoQ-0yFcEncwTl_WcEg2ApXeWVlOK1cVFJvYdm1JxKSpEbkLNXkYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=118,790,1000,1092,1092&tos=118,672,210,92,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=451315500&rst=1708580355317&rpt=284&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 05:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0B16 0
54 B 31ms
30ms Ping
image/gif 2607:f8b0:4024:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lswsmns1&c=2568247256619&slotId=1284123628309.5&qqid=CN2G0uidvoQDFTK10QQd9W4MLw&umsem=0&ple=1&ape=1&met.4=vfl.lswsmnzc~vil.lswsmnzc
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bdaa89edabb5f812f15479a6dc106db6.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c02::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 05:39:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.phuotdi.vn/	1970-01-21 03:57:56	Name: __gads Value: ID=aff9a3968b0da391:T=1708580354:RT=1708580354:S=ALNI_MZV7zFHN1fjSzhqHIxHA3V1vhY1jA
.phuotdi.vn/	1970-01-21 03:57:56	Name: __gpi Value: UID=00000dcc148e1c9a:T=1708580354:RT=1708580354:S=ALNI_MbISY2Nv9zABXeRitT87qPxCDxlYQ
.phuotdi.vn/	1970-01-20 22:55:32	Name: __eoi Value: ID=1e4ea2a9a2992772:T=1708580354:RT=1708580354:S=AA-AfjZqT_LiVHYP91EzgDqINZOT
.doubleclick.net/	1970-01-21 04:12:20	Name: IDE Value: AHWqTUlGxwoCDLY8oIFjhc-ZzkqIaHOI0SswbKLCg366JV2ULXkjI-1QA-oeSnFgV3A
.googleadservices.com/	1970-01-20 20:45:56	Name: ar_debug Value: 1
.phuotdi.vn/	1970-01-21 03:21:56	Name: FCNEC Value: %5B%5B%22AKsRol96BwteYwfMYtug8maDIYJT-DMWL0ABqHz0R6YvaLRFSJlAKY_GBWVaZ63VoH6nLMU9A564q41Jd133XMYhgIrxFmGdskcTfi0y-J44jhprJN4--1b6Bgd7m1S0vf13hBFACEjHX-7DzFIq7DcvvzOBqC8Q2w%3D%3D%22%5D%5D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://security.phuotdi.vn/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://security.phuotdi.vn/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://security.phuotdi.vn/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://security.phuotdi.vn/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://security.phuotdi.vn/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://security.phuotdi.vn/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://security.phuotdi.vn/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i1.ytimg.com
pagead2.googlesyndication.com
rr3---sn-ab5l6nrs.googlevideo.com
security.phuotdi.vn
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.251.40.194
2606:4700:3031::6815:7e0
2607:f8b0:4006:4::8
2607:f8b0:4006:806::2002
2607:f8b0:4006:806::200e
2607:f8b0:4006:80c::2003
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:820::2001
2607:f8b0:4006:822::200a
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2004
2607:f8b0:4024:c02::5e
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
0bc763e1d5c486d7ccd0afbc54e43ec0b945e639493eb71afc67085bcc8dce85
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
11986fd1410d9d7d72141915e02ccc642d65f74aebaa8d732d186742305fb651
13b48454867872bffe76d88366442b6a5aea18eb7c74ac7f334bdabd0c203f28
18fd761756c63d9ae89e2a657c5c1b656da252b035ba3f8fa8bc69dfbae0e801
1e8bbbdcacafaa21102716b55c301c0cbdc1f34a5eb2c803e483a1e0591a5737
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
25c7ff6fb41b768e05a24dfb9fbd8f5fc9e2d7efadd0621db2dc01b16586f583
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eecd39401e4f6f367b290992eed79839c0974f2c5fb58999a3b9eeac758237
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f13624632e913d3810fff3a1d5d50ba10fe32614ca3cf7260858934eded5514
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651c679fec15380072de17a1cd6fe8f66a34811988301bb5c07b3779b2e30a68
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
7283bca67854c2694b3a18dd6e4aa2b4ac35432d445fa86fe7d9756801e215c9
7a2167a1f79263b8e9a039ad4563e38b8583bdf6a572184b53c82e5550b2b4c7
7c6948b72aadb28e97e9461922b1299399cfa05a2acc897db6b6dea240dd7f6a
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d5508122dac7b7409623f9fe2c2f4644631af0df47ad297cf9db96f160e470d
a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244
b12114d70fbd6771a944a63b250f24b1616915103865c19cd1744270e846361c
b2dc0d0fb0a0173ba556645487c193cd6c325f7b5ac6e8ce4fe40303a9b14711
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
c3b89a82e07543c6e2847980404c91d7f20b9db1aef83f0c7471cb7c69e513d5
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c4f9c8e8bc991879beac20d773034e76bf154576b50d177b0575836ae9be52c6
c6d1bd51679a10f4d3d88ae85fd5358c6c0ca2f3d6d121c9672efa9bfac0798b
d59a1394011a2223c735bb5ec3725aec8eea1211a7462ba45aa2dc43f3b98f96
da2fc645a0e632f612db16ef964d8a9e9c0f65f2beb57e55d8635baa54f48eb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d1e565fd4815269425771c099086092faf2a481dc16be11ae42dad8f8f0605
e7bb6269fb38cb284443e21d6646d409a8e3ab7ca16d9d99963d7a285e2a018f
ea695e99484721b186d6ed99ff7806dfdfe83794f7508897a5be11cbc97f3c36
ed87fd277952e1cad2280fc222f366c7b36a571af335ec235766378edb0d4b67
eef391ac5c3c49beeaf1ef54cb149f0a2085c10ab353077eaf1a659715c23626
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

security.phuotdi.vn Open in urlscan Pro 2606:4700:3031::6815:7e0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

97 %HTTPS

92 %IPv6

9 Domains

13 Subdomains

14 IPs

1 Countries

2207 kBTransfer

3905 kBSize

6 Cookies

1 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

security.phuotdi.vn Open in urlscan Pro
2606:4700:3031::6815:7e0 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

97 %
HTTPS

92 %
IPv6

9
Domains

13
Subdomains

14
IPs

1
Countries

2207 kB
Transfer

3905 kB
Size

6
Cookies

74 HTTP transactions
1 data transactions