vnexpress.net Open in urlscan Pro
111.65.250.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cdzp1.com/wcoEudzUuC
Effective URL:
https://vnexpress.net/
Submission: On December 13 via manual (December 13th 2021, 2:47:21 am UTC) from US — Scanned from DE

Summary HTTP 541 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 101 IPs in 11 countries across 56 domains to perform 541 HTTP transactions. The main IP is 111.65.250.2, located in Viet Nam and belongs to FPTONLINE-AS-VN FPT Online JSC, VN. The main domain is vnexpress.net.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 21st 2021. Valid for: a year.

This is the only time vnexpress.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	47.241.71.179 47.241.71.179	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1 9	111.65.250.2 111.65.250.2	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
6	111.65.249.130 111.65.249.130	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
66	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	111.65.251.2 111.65.251.2	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	180.148.129.21 180.148.129.21	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
4	1.55.119.42 1.55.119.42	18403 (FPT-AS-AP...) (FPT-AS-AP The Corporation for Financing & Promoting Technology)
58	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	111.65.249.131 111.65.249.131	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2	111.65.249.226 111.65.249.226	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2	180.148.132.197 180.148.132.197	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2	111.65.249.224 111.65.249.224	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
3	111.65.248.197 111.65.248.197	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
4	180.148.132.75 180.148.132.75	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200d	15169 (GOOGLE) (GOOGLE)
21	111.65.251.70 111.65.251.70	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	125.212.217.26 125.212.217.26	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
18	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3035::ac43:ad49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
9	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
6	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
29	34.201.197.184 34.201.197.184	14618 (AMAZON-AES) (AMAZON-AES)
1	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1	76.223.26.175 76.223.26.175	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.51 13.224.96.51	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 5	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
11	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	51.178.130.209 51.178.130.209	16276 (OVH) (OVH)
1 1	80.158.66.20 80.158.66.20	34086 (SCZN-AS) (SCZN-AS)
2	35.172.120.178 35.172.120.178	14618 (AMAZON-AES) (AMAZON-AES)
1	34.251.154.165 34.251.154.165	16509 (AMAZON-02) (AMAZON-02)
8	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	51.68.117.182 51.68.117.182	16276 (OVH) (OVH)
2 2	54.229.48.81 54.229.48.81	16509 (AMAZON-02) (AMAZON-02)
3	18.208.85.173 18.208.85.173	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.158.154.136 18.158.154.136	16509 (AMAZON-02) (AMAZON-02)
1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3 10	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	18.196.67.255 18.196.67.255	16509 (AMAZON-02) (AMAZON-02)
3	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
3	52.41.9.160 52.41.9.160	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
2	52.218.91.50 52.218.91.50	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:d29... 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8	16509 (AMAZON-02) (AMAZON-02)
3	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	34.247.8.190 34.247.8.190	16509 (AMAZON-02) (AMAZON-02)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
6	13.224.96.2 13.224.96.2	16509 (AMAZON-02) (AMAZON-02)
1	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
5	35.157.211.26 35.157.211.26	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.57.42.190 52.57.42.190	16509 (AMAZON-02) (AMAZON-02)
1	111.65.248.227 111.65.248.227	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	74.125.71.155 74.125.71.155	15169 (GOOGLE) (GOOGLE)
9	54.154.42.245 54.154.42.245	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:400c:c13::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:219... 2600:9000:2190:9c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4 6	34.240.93.178 34.240.93.178	16509 (AMAZON-02) (AMAZON-02)
1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:5d::8	15169 (GOOGLE) (GOOGLE)
16	52.35.244.206 52.35.244.206	16509 (AMAZON-02) (AMAZON-02)
14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:c834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:20:... 2606:4700:20::681a:723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.163.20.150 35.163.20.150	16509 (AMAZON-02) (AMAZON-02)
541	101

1 47.241.71.179 (Singapore, Singapore) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

cdzp1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 111.65.250.2 (Viet Nam) 1 redirects

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 111.65.249.130 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

s.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

s1cdn.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-giaitri.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-vnexpress.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-thethao.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-dulich.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scdn.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-kinhdoanh.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.65.251.2 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
PTR: mx1.gatemail.vn

s1.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.129.21 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

logperf.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 1.55.119.42 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)

octopus-stream01-cads.fpt.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.249.131 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

static.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.65.249.226 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

adp.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 180.148.132.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

la2.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.65.249.224 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

g.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 111.65.248.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

usi-saas.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 180.148.132.75 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

gw.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 111.65.251.70 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
PTR: mx1.edm1.gatemail.vn

is.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.88 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
364187f7114c8ddc8da01761c316e14f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
452794cdd616c40f780ec3019325128a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 125.212.217.26 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

optimize.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::ac43:ad49 (United States)

ASN13335 (CLOUDFLARENET, US)

solution.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bd.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 34.201.197.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-197-184.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.26.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com

de1-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-51.zrh50.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.23.46 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

ad23.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.178.130.209 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3169999.ip-51-178-130.eu

creative.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.158.66.20 (Germany) 1 redirects

ASN34086 (SCZN-AS, DE)

ebs08.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.120.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-120-178.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.154.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.39.36.141 (Los Angeles, United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.117.182 (France)

ASN16276 (OVH, FR)

aaa.artefact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.48.81 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-48-81.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.208.85.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-85-173.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.154.136 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-154-136.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.233 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.67.255 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-67-255.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.41.9.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-9-160.us-west-2.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.91.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

rechtstexte.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.8.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-8-190.eu-west-1.compute.amazonaws.com

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.96.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-2.zrh50.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.211.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-211-26.eu-central-1.compute.amazonaws.com

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.42.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-42-190.eu-central-1.compute.amazonaws.com

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.248.227 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

core.polyad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.71.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.154.42.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400c:c13::5e (Charleston, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2190:9c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.240.93.178 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-93-178.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:5d::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5ednld.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.35.244.206 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-244-206.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:723 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-35-163-20-150.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.163.20.150 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-20-150.us-west-2.compute.amazonaws.com

v4-api-35-163-20-150.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	vnecdn.net s1.vnecdn.net Failed s1cdn.vnecdn.net vcdn1-giaitri.vnecdn.net vcdn1-vnexpress.vnecdn.net vcdn1-thethao.vnecdn.net vcdn1-dulich.vnecdn.net adp.vnecdn.net la2.vnecdn.net la.vnecdn.net Failed is.vnecdn.net vcdn1-kinhdoanh.vnecdn.net s.vnecdn.net	3 MB
69	googlesyndication.com 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com 364187f7114c8ddc8da01761c316e14f.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 452794cdd616c40f780ec3019325128a.safeframe.googlesyndication.com ade.googlesyndication.com	345 KB
57	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	523 KB
40	aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	445 KB
39	adsafeprotected.com 4 redirects unified.adsafeprotected.com static.adsafeprotected.com pixel.adsafeprotected.com dt.adsafeprotected.com	294 KB
20	adform.net track.adform.net s1.adform.net	282 KB
19	rubiconproject.com 3 redirects s.update.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com prebid-server.rubiconproject.com pixel.rubiconproject.com	50 KB
17	google.com analytics.google.com www.google.com accounts.google.com adservice.google.com	77 KB
17	vnexpress.net 1 redirects vnexpress.net logperf.vnexpress.net Failed usi-saas.vnexpress.net gw.vnexpress.net	294 KB
14	stickyadstv.com 3 redirects ads.stickyadstv.com cdn.stickyadstv.com	288 KB
12	pubmatic.com 3 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image8.pubmatic.com image2.pubmatic.com	18 KB
11	googleapis.com fonts.googleapis.com imasdk.googleapis.com	1 MB
10	eclick.vn s.eclick.vn static.eclick.vn g.eclick.vn scdn.eclick.vn	134 KB
9	urekamedia.com optimize.urekamedia.com solution.urekamedia.com bd.urekamedia.com	22 KB
9	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	42 KB
8	2mdn.net 2 redirects s0.2mdn.net gcdn.2mdn.net Failed r3---sn-4g5ednld.c.2mdn.net	2 MB
7	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	111 KB
6	trustarc.com choices.trustarc.com	17 KB
6	ad-srv.net 1 redirects ad.ad-srv.net ad23.ad-srv.net	8 KB
6	google.de www.google.de adservice.google.de	2 KB
6	googletagservices.com www.googletagservices.com	209 KB
6	google-analytics.com www.google-analytics.com	95 KB
6	googletagmanager.com www.googletagmanager.com	306 KB
5	ampproject.org cdn.ampproject.org	103 KB
4	b2c.com 1 redirects api-35-163-20-150.b2c.com v4-api-35-163-20-150.b2c.com	6 KB
4	advertising.com 2 redirects pixel.advertising.com ads.adaptv.advertising.com	3 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	32 KB
4	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	6 KB
4	fpt.vn octopus-stream01-cads.fpt.vn	130 KB
3	yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com ads-eu.v.ssp.yahoo.com	1 KB
3	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com targeting.unrulymedia.com	712 B
3	1rx.io 2 redirects sync.1rx.io tag.1rx.io	2 KB
3	mlsat02.de 2 redirects creative.mlsat02.de tracking.mlsat02.de	1 KB
3	adsrvr.org 2 redirects de1-bid.adsrvr.org match.adsrvr.org	2 KB
3	spotxchange.com 1 redirects sync.search.spotxchange.com search.spotxchange.com	2 KB
2	moatads.com z.moatads.com px.moatads.com	44 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	909 B
2	amazonaws.com rechtstexte.s3.amazonaws.com	86 KB
2	360yield.com 2 redirects ad.360yield.com	725 B
2	awin1.com 1 redirects www.awin1.com	800 B
2	criteo.net static.criteo.net	53 KB
1	fouanalytics.com api.fouanalytics.com	977 B
1	tapad.com tapestry.tapad.com	496 B
1	jsdelivr.net cdn.jsdelivr.net	13 KB
1	polyad.net core.polyad.net	508 B
1	amazon-adsystem.com s.amazon-adsystem.com	556 B
1	rlcdn.com id.rlcdn.com	417 B
1	mathtag.com sync.mathtag.com	429 B
1	technoratimedia.com sync.technoratimedia.com
1	artefact.com aaa.artefact.com	634 B
1	telekom.de 1 redirects ebs08.telekom.de	723 B
1	truste.com choices.truste.com	9 KB
1	creativecdn.com prebid-asia.creativecdn.com	175 B
1	cloudflare.com cdnjs.cloudflare.com	11 KB
1	cdzp1.com 1 redirects cdzp1.com	165 B
0	ipredictive.com Failed sync.ipredictive.com Failed
541	56

	Domain	Requested by
41	s1cdn.vnecdn.net	vnexpress.net s1cdn.vnecdn.net
30	pagead2.googlesyndication.com	securepubads.g.doubleclick.net vnexpress.net tpc.googlesyndication.com www.googletagservices.com srcdoc imasdk.googleapis.com
29	track1.aniview.com	vnexpress.net player.aniview.com
22	tpc.googlesyndication.com	vnexpress.net 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com cdn.ampproject.org securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
21	is.vnecdn.net	vnexpress.net
20	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net vnexpress.net bd.urekamedia.com
16	dt.adsafeprotected.com
16	googleads.g.doubleclick.net
16	vcdn1-vnexpress.vnecdn.net	vnexpress.net
12	ade.googlesyndication.com
11	s1.adform.net	track.adform.net s1.adform.net 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com tracking.mlsat02.de vnexpress.net
10	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
10	ads.stickyadstv.com	3 redirects player.aniview.com cdn.stickyadstv.com
9	unified.adsafeprotected.com	imasdk.googleapis.com
9	track.adform.net	3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com ad23.ad-srv.net s1.adform.net
9	vnexpress.net	1 redirects vnexpress.net s1cdn.vnecdn.net
8	static.adsafeprotected.com	imasdk.googleapis.com vnexpress.net
8	pubads.g.doubleclick.net	imasdk.googleapis.com
8	eus.rubiconproject.com	3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com eus.rubiconproject.com player.aniview.com
7	www.google.com	vnexpress.net 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com tpc.googlesyndication.com
6	pixel.adsafeprotected.com	4 redirects static.adsafeprotected.com
6	choices.trustarc.com	choices.truste.com choices.trustarc.com
6	player.aniview.com	solution.urekamedia.com player.aniview.com
6	ib.adnxs.com	1 redirects s.eclick.vn player.aniview.com acdn.adnxs.com
6	www.googletagservices.com	vnexpress.net securepubads.g.doubleclick.net 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
6	s.eclick.vn	vnexpress.net s1.vnecdn.net s.eclick.vn
6	www.google-analytics.com	vnexpress.net www.google-analytics.com www.googletagmanager.com
6	www.googletagmanager.com	vnexpress.net www.googletagmanager.com
5	trk.vidible.tv
5	cm.g.doubleclick.net	2 redirects vnexpress.net
5	ad23.ad-srv.net	1 redirects 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com ad23.ad-srv.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
4	s0.2mdn.net	imasdk.googleapis.com
4	cdn.stickyadstv.com	player.aniview.com cdn.stickyadstv.com
4	token.rubiconproject.com	3 redirects eus.rubiconproject.com
4	optimize.urekamedia.com	www.googletagmanager.com optimize.urekamedia.com
4	hbopenbid.pubmatic.com	s.eclick.vn player.aniview.com
4	gw.vnexpress.net	s1cdn.vnecdn.net
4	octopus-stream01-cads.fpt.vn	vnexpress.net octopus-stream01-cads.fpt.vn
3	api-35-163-20-150.b2c.com	1 redirects vnexpress.net
3	bid.g.doubleclick.net	imasdk.googleapis.com
3	image8.pubmatic.com	2 redirects
3	pixel.rubiconproject.com
3	prebid-server.rubiconproject.com	player.aniview.com
3	ads.pubmatic.com	player.aniview.com
3	sync.aniview.com	player.aniview.com
3	bd.urekamedia.com	player.aniview.com vnexpress.net
3	3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	accounts.google.com	s1cdn.vnecdn.net
3	usi-saas.vnexpress.net	s1cdn.vnecdn.net
3	www.google.de	vnexpress.net
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	vcdn1-thethao.vnecdn.net	vnexpress.net
3	vcdn1-giaitri.vnecdn.net	vnexpress.net
2	googleads4.g.doubleclick.net
2	r3---sn-4g5ednld.c.2mdn.net
2	gcdn.2mdn.net
2	csi.gstatic.com	imasdk.googleapis.com
2	sync-tm.everesttech.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	rechtstexte.s3.amazonaws.com	ad23.ad-srv.net
2	secure.adnxs.com	1 redirects optimize.urekamedia.com
2	targeting.unrulymedia.com	player.aniview.com
2	ads.adaptv.advertising.com	1 redirects player.aniview.com
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	pixel.advertising.com	1 redirects player.aniview.com
2	ad.360yield.com	2 redirects
2	go1.aniview.com	player.aniview.com
2	tracking.mlsat02.de	1 redirects ad23.ad-srv.net
2	www.awin1.com	1 redirects ad23.ad-srv.net
2	fonts.gstatic.com	fonts.googleapis.com
2	static.criteo.net	s.eclick.vn static.criteo.net
2	solution.urekamedia.com	vnexpress.net
2	sync.search.spotxchange.com	1 redirects vnexpress.net
2	g.eclick.vn	s1.vnecdn.net scdn.eclick.vn
2	la2.vnecdn.net	s1.vnecdn.net vnexpress.net
2	adp.vnecdn.net	s1.vnecdn.net
2	analytics.google.com	www.googletagmanager.com
1	v4-api-35-163-20-150.b2c.com
1	api.fouanalytics.com	player.aniview.com
1	tapestry.tapad.com	optimize.urekamedia.com
1	cdn.jsdelivr.net	optimize.urekamedia.com
1	px.moatads.com
1	image2.pubmatic.com	1 redirects
1	core.polyad.net	s.vnecdn.net
1	ads-eu.v.ssp.yahoo.com
1	z.moatads.com	cdn-ssl.vidible.tv
1	acdn.adnxs.com	player.aniview.com
1	cdn-ssl.vidible.tv	acds.prod.vidible.tv
1	s.amazon-adsystem.com
1	acds.prod.vidible.tv	player.aniview.com
1	mug.criteo.com
1	ads.yahoo.com
1	pr-bh.ybp.yahoo.com
1	id.rlcdn.com
1	sync.mathtag.com
1	s.vnecdn.net	www.googletagmanager.com
1	search.spotxchange.com	player.aniview.com
1	image6.pubmatic.com	ads.pubmatic.com
1	tag.1rx.io	player.aniview.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.technoratimedia.com	player.aniview.com
1	aaa.artefact.com	ad23.ad-srv.net
1	452794cdd616c40f780ec3019325128a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s.update.rubiconproject.com	3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
1	ebs08.telekom.de	1 redirects
1	creative.mlsat02.de	1 redirects
1	choices.truste.com	3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
1	de1-bid.adsrvr.org	3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
1	ad.ad-srv.net	vnexpress.net
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	364187f7114c8ddc8da01761c316e14f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bidder.criteo.com	s.eclick.vn
1	prebid-asia.creativecdn.com	s.eclick.vn
1	vcdn1-kinhdoanh.vnecdn.net	vnexpress.net
1	scdn.eclick.vn	s.eclick.vn
1	cdnjs.cloudflare.com	s1cdn.vnecdn.net
1	vcdn1-dulich.vnecdn.net	vnexpress.net
1	static.eclick.vn	vnexpress.net
1	logperf.vnexpress.net	vnexpress.net
1	s1.vnecdn.net	vnexpress.net
1	cdzp1.com	1 redirects
0	sync.ipredictive.com Failed
0	la.vnecdn.net Failed	s1.vnecdn.net
541	127

This site contains links to these domains. Also see Links.

Domain
e.vnexpress.net
video.vnexpress.net
startup.vnexpress.net
vief.vnexpress.net
vhome.vnexpress.net
vm.vnexpress.net
vrace.vnexpress.net
diemthi.vnexpress.net
raovat.vnexpress.net
shop.vnexpress.net
vlight.vnexpress.net
ebox.vnexpress.net
eclick.vn
ai4vn.vnexpress.net
www.facebook.com
twitter.com
www.youtube.com
appgallery5.huawei.com
click.google-analytics.com
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
*.vnexpress.net GlobalSign GCC R3 DV TLS CA 2020	`2021-01-21` - `2022-02-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.eclick.vn GlobalSign GCC R3 DV TLS CA 2020	`2021-01-21` - `2022-02-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.vnecdn.net Sectigo RSA Domain Validation Secure Server CA	`2019-12-09` - `2022-03-08`	2 years	crt.sh
*.fpt.vn DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-05-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
optimize.urekamedia.com R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
ad-srv.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tracking.mlsat02.de Sectigo RSA Organization Validation Secure Server CA	`2021-11-15` - `2022-12-16`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
update.rubiconproject.com R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
aaa.artefact.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2022-01-19`	6 months	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-11-16` - `2022-05-11`	6 months	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-06`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-07-11` - `2022-01-05`	6 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.polyad.net Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-02-22`	a year	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 61 frames:

Primary Page: https://vnexpress.net/
Frame ID: C3A2AA8C8E6ED27752BB0BB1DFAEAE5A
Requests: 272 HTTP requests in this frame

Frame: https://s.eclick.vn/delivery/sync_retar.html
Frame ID: 45D31598411FA24B7C64B85B66C3DED6
Requests: 1 HTTP requests in this frame

Frame: https://g.eclick.vn/delivery/eclookup.html?fosp_aid=aun2quh3kq32b41i.1639363620.des&orig_aid=aun2quh3kq32b41i.1639363620.des&myvne_user_id=0
Frame ID: F4EC599A1B33BDB3F44508D5E01117A0
Requests: 1 HTTP requests in this frame

Frame: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F34D286F9909F4FF0C489A72FE94D7E6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut1J6CW1djqgtMwyS6R-7VrCb95m7RI7aWv4ZaZeLDiTI7RtmYXZh8Y9Noan4PQTGPGgeuu1wwZayV1dbDEK-FuxxdaiOzdT_bmkX4Kxid_2R5_MQPnSVYa2_yq8fPuWmGTi2XuNxvtYRB2vH1To5vOn2kHZavZIPJHcP7ZjAfPSFGJgz_-fjPVrNu2x7Yrx48HvGTtS5Fhd2BzGF_vdOqsmhRcDPGUsXwj-Oz4gBS9TtO-LagkEPtKjkEW-cekMnUt02JtSpEA6MMq6ACd-4KbhqGNAfm3XvRSMPQep4ir0tW0GwJFjBJx7x9ErxD-AzR0kLx1_UYne0k8S9t1eqw1UI&sai=AMfl-YReVcoMLh1hiamUoMi4nRm20Eox40GgseSgA9-x7d1iuBjdNOXMGjimmJ3NGM2ZoN7lFA3XZsjuDmvLsbvu8Zd9S0yPnSbhIGP333p9OnYJsllv74ZRRahYpYPMmNA&sig=Cg0ArKJSzMbEB5DFiTO4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7547FD032AF50A77F12BE4AC5FC97EAD
Requests: 17 HTTP requests in this frame

Frame: https://364187f7114c8ddc8da01761c316e14f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CC07D07C4EE708E1BEBC8B1B6A1E4C4F
Requests: 1 HTTP requests in this frame

Frame: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B70524796825E62B100483E09E4030A5
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbO-F4a3mRsk3qb_-AdBZ02rwzQsYFVYtRmP0TSF6ZNeGJ0yNyaCDrjWmlK5bNJQj0jn0BR4stt2T_x-Y7XcrF83t7RmEAHANEXYIp1pdEoyEJYjv1wCVwcbkDuHz3AfIzP7NNePv0x_6Vx-p3SLuLkqpz8vLrOSSx6W2M38pFewoSEQ-njFUJBBjFZBZ0NMxPOVYFy7yi4fGpfVM3zQnS_t8yGDYeWuh5a3NBdgCZpgRDKg4NBkz56_cKPruZu-GoK2sh2AeynFpjpZuBJAcR2VT8P2cl8cSKLdeHlt96iN9ku2hW5Fl6Q18YZOsPg3vhetfjuayyXc03xNdeLDsBGAxLbPdbeASMrQ&sig=Cg0ArKJSzLGcs5KWO6zPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 49B810624CC6760522DFA518770D7B0B
Requests: 4 HTTP requests in this frame

Frame: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5A80DC75C3054CB73FE847D162F78113
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: E7B863F5FB54CA295FED85A75063E9CF
Requests: 19 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Frame ID: ED80C3E0B1D9E4293F19DFDCF56E2A79
Requests: 6 HTTP requests in this frame

Frame: https://tracking.mlsat02.de/onepixel.gif
Frame ID: 798C72A0A3613CA2B576ADB129C2F1D9
Requests: 1 HTTP requests in this frame

Frame: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
Frame ID: FE390898DB11339EC60ABA5CB11FA48A
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BB1FB70C4D6C50CBAE9C74C54DD134E3
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 84772B9125CB9F1BC1C1DBF6860FA866
Requests: 11 HTTP requests in this frame

Frame: https://452794cdd616c40f780ec3019325128a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8858D8C87E96132018CBB9FDB10CA209
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: DAFC863D22CFFDEFEDD80C09DB6153F3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFAA6BF6FC6D38A0A481F632E217BE30
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7029EC57ED62B0D95BB04492195C8386
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx8diTr-OssmitATWDPRC-njCbfEkwYVv7210IgnJ34H6WWpKUW8_jLt907oZwKfDzJJjhBdv3RUoNzgwIYBApVF56TA-19F9Z0c-xemP1d9jrAn6AYSl-rb5w7jin_8DGYutJnaLzEitbR5Lzumhyndx3k_1IXBlUuSceq7NetN6ebb8SRSun9J-oIqXQvX5-W2THz2eLRBzGKL0SQBfDLNSlr5nJ7o5VwBDs1tryVluNF2ZBP_zIadSRFf4gOePQ-WcY4Sfpud-v3x59Zw8LAMIrRR9IB4ezIO4gvxHn-zwk8bFO_s8oYF9VfrgeSCQwfeT9K1GV3aXMOnH9R0kLlP_WKLw&sig=Cg0ArKJSzJGuV6yZGtULEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C9BAED0AFB5EB5418752AAD03F55BD13
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Frame ID: B01F31A3DA3901DE13CD3F8ADC7DA0F7
Requests: 5 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=22&key=46d1d8a9-db20-4a84-9b08-281cc892a497
Frame ID: B98E712A8B937C300A8A1D252349057C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
Frame ID: 0B3B756A8980AE3F58BFD2D99482FDB4
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1639363622392-936944863393-007097-008-008467&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: F2996CF2346B5B8E0E5CBBD24A87598A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=200&key=RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003
Frame ID: 6BFDBDA292ACFC9E0A4484D93185AF4A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D1%26key%3D
Frame ID: 5F49017961F2F38BBFC9E9716F9E7E44
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622555-925571806393-006971-002-004166&biddername=55&key=938033878257425291
Frame ID: 2B52E46D90D9E64B49CC023FFE5EC07C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31548C75028D2FB1ED455A4C52F8C811
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 22EFA754BA33C91C180061CA7D5C6F91
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2068258/9645718/9645718.js?ADFassetID=9645718&bv=514
Frame ID: 0754EB2235249D4ECA3E8432AD6832F9
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net
Frame ID: 30B6D8015B117AF5746E36290CBAC910
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 870AC19C5D48FC2BF7B07E25E1FB0ED1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DA80BD44CACF103D3634E88DC6F2C60
Requests: 2 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=50a23d37-3eeb-43c7-91dd-c4231e15f1c2&pblob=
Frame ID: C2450E6E8FBBD0637F2BE2AF1E6A0F0F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: E51703E3231D733AA048C363C41CCFC5
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: 401046F0912ABB12D1D47CB09DDA9D73
Requests: 28 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: F4D8137AC1430504471F4DE5B99798BB
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: 4043438D77254EAC3E0952EE92DC864C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 84126C0A7E2AA19F22A24991E63848E1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A54573E0EF5CB3282BF24B1D74F24C06
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3EB3349E8B84B045AFC82524BBF45614
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: 11FBF8CD60BC3694B49EC2414571FCDF
Requests: 28 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: EDFDF24EDA4B2FEE69BD8D724D59A719
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: C91FB3B5BC58EAAB239F296E92EF41B1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E96CF69FABB333A0B56BB22965532BD2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8CF9011AAC4EA198FD268DE2A903B312
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D488A75137E89121DECD6D62CC8F7A50
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 91C4FDA739E842CC6316E938AC9F8402
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159970
Frame ID: 6192C48C36960C23488BEBA931711CD4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1A54EA5DC266B6CCC068A1E04332E568
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3C7113411142FB6CDF3D7656A817B865
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159941
Frame ID: 4212A4FAF5D07CB15ACDFF009F2E6E97
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 40F38B5A9DC6AD3289F95D43FEC9A7C7
Requests: 3 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: D8A52A0FE6049313AC052967508FEBBF
Requests: 2 HTTP requests in this frame

Frame: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=70163936362230&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Frame ID: EE429FADAF79B1538455FC4A6C0D4DA9
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 34C022FFE39E0F04EC6241FF48867CD8
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 38C7CFF44636AFEADE824DA80E337140
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D72D9837E354B81C794398135BB49C9E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0C6C095FD8591882371EE5189645CC76
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 85E2855AC77C6B7FB5931EA150BF7109
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 7A79EABDD234BEBF6FF90DA73955E5FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VnExpress - Báo tiếng Việt nhiều người xem nhất

Page URL History Show full URLs

http://cdzp1.com/wcoEudzUuC HTTP 302
http://vnexpress.net/ HTTP 301
https://vnexpress.net/ Page URL
https://vnexpress.net/ Page URL

Page Statistics

541
Requests

91 %
HTTPS

32 %
IPv6

56
Domains

127
Subdomains

101
IPs

11
Countries

10830 kB
Transfer

24056 kB
Size

98
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://e.vnexpress.net/
Title: International

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/
Title: Video

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/thoi-su
Title: Thời sự

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/nhip-song
Title: Nhịp sống

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/sports-life
Title: Sports Life

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/food
Title: Food

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/cuoc-song-4-0
Title: Cuộc sống 4.0

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/toi-ke
Title: Tôi kể

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/chuyen-nui-rung
Title: Chuyện núi rừng

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/toa-dam-kinh-te
Title: Tọa đàm kinh tế

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/giai-tri
Title: Giải trí

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/du-lich
Title: Du lịch

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/the-gioi
Title: Thế giới

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/phap-luat
Title: Pháp luật

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/kinh-doanh
Title: Kinh doanh

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/khoa-hoc
Title: Khoa học

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/giao-duc
Title: Giáo dục

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/suc-khoe
Title: Sức khỏe

Search URL Search Domain Scan URL

URL: https://startup.vnexpress.net/
Title: Startup

Search URL Search Domain Scan URL

URL: https://vief.vnexpress.net/
Title: ViEF

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/?utm_source=VnExpress_Desktop&utm_medium=KinhDoanh_Menu&utm_campaign=DropMenu_Startup
Title: Vhome

Search URL Search Domain Scan URL

URL: https://vm.vnexpress.net/
Title: VM 2021

Search URL Search Domain Scan URL

URL: https://vrace.vnexpress.net/
Title: V-Race

Search URL Search Domain Scan URL

URL: https://diemthi.vnexpress.net/
Title: Điểm thi

Search URL Search Domain Scan URL

URL: https://diemthi.vnexpress.net/tra-cuu-dai-hoc
Title: Tra cứu đại học

Search URL Search Domain Scan URL

URL: https://raovat.vnexpress.net/o-to-xe
Title: Mua bán

Search URL Search Domain Scan URL

URL: https://raovat.vnexpress.net/?utm_campaign=VNEXPRESS&utm_source=footer&utm_medium=menu
Title: Rao vặt

Search URL Search Domain Scan URL

URL: https://shop.vnexpress.net/?utm_campaign=VNEXPRESS&utm_source=footer&utm_medium=menu
Title: Shop VnExpress

Search URL Search Domain Scan URL

URL: https://vlight.vnexpress.net/lien-he
Title: Mua ảnh VnExpress

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/?utm_source=VnExpress_Desktop&utm_medium=Footer_Menu&utm_campaign=Menu_Home_AllFolder
Title: Vhome

Search URL Search Domain Scan URL

URL: https://ebox.vnexpress.net/
Title: eBox

Search URL Search Domain Scan URL

URL: https://eclick.vn/lien-he/?utm_source=VNE&utm_medium=CPC_BOX&utm_campaign=LienHeQuangCao
Title: Quảng cáo

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/expo?utm_source=VnExpress&utm_medium=Box&utm_campaign=Muanhacuoinam_Home_MB&utm_content=Vhome

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/

Search URL Search Domain Scan URL

URL: https://ai4vn.vnexpress.net/
Title: AI4VN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/congdongvnexpress/

Search URL Search Domain Scan URL

URL: https://twitter.com/VnEnews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVRqZH5QnrnbMWhElPBD-MQ?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101519049

Search URL Search Domain Scan URL

URL: https://click.google-analytics.com/redirect?tid=UA-41193011-3&url=https%3A%2F%2Fitunes.apple.com%2Fvn%2Fapp%2Fvnexpress-net%2Fid488630446%3Fl%3Dvi%26mt%3D8&aid=net.vnexpress.iphone&idfa={idfa}&cs=google&cm=cpc&anid=admob&hash=md5

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fr.playsoft.vnexpress&referrer=utm_source%3Dgoogle%26utm_medium%3Dbanner%26anid%3Dadmob

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101530095

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/vn/app/vnexpress-international/id1435726486?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fo.vnexpress.eng

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cdzp1.com/wcoEudzUuC HTTP 302
http://vnexpress.net/ HTTP 301
https://vnexpress.net/ Page URL
https://vnexpress.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cdzp1.com/wcoEudzUuC HTTP 302
http://vnexpress.net/ HTTP 301
https://vnexpress.net/

Request Chain 108

https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5 HTTP 302
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=f2524b91-5bbe-11ec-bd4c-1ab0ad8d0506

Request Chain 224

https://ad23.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=be5898a71e&subid=&uid=0e76ac84f788d47f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D42ef94b3-91e3-4b11-a9c2-c0e64477c35c%26ag%3D18izhwm%26sfe%3D13ee3425%26sig%3DHKT6Vvofah4cr9PI3Obb_ujKGQ5tP3z-L9OlbTPYVuA.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dvnexpress.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D27%26agsa%3D%26wp%3DFED9B6D1B3C058CC%26rgz%3D85777%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21390%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.31%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgdCYXZhcmlhGgAiDUZhaHJlbnpoYXVzZW44AVAHgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F27973503%2FOV.Vnexpress%2FDesktop%2FMasthead%2FHome%26pcm%3D1%26ict%3DUnknown%26said%3D0c82ba459a910f151e063f398c20aaa3c4cfc538%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=https%3A%2F%2Fvnexpress.net%2F&ancestorOrigins=https%3A%2F%2Fvnexpress.net&random=4308315398306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad23.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=be5898a71e&subid=&uid=0e76ac84f788d47f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D42ef94b3-91e3-4b11-a9c2-c0e64477c35c%26ag%3D18izhwm%26sfe%3D13ee3425%26sig%3DHKT6Vvofah4cr9PI3Obb_ujKGQ5tP3z-L9OlbTPYVuA.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dvnexpress.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D27%26agsa%3D%26wp%3DFED9B6D1B3C058CC%26rgz%3D85777%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21390%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.31%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgdCYXZhcmlhGgAiDUZhaHJlbnpoYXVzZW44AVAHgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F27973503%2FOV.Vnexpress%2FDesktop%2FMasthead%2FHome%26pcm%3D1%26ict%3DUnknown%26said%3D0c82ba459a910f151e063f398c20aaa3c4cfc538%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=https%3A%2F%2Fvnexpress.net%2F&ancestorOrigins=https%3A%2F%2Fvnexpress.net&random=4308315398306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 229

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=53583000009985000003104011807023&gdpr=&gdpr_consent= HTTP 302
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1639363622_&cachebuster=1639363622&awv=11430_473322_1639363622_f3052fc0-5bbe-11ec-8643-22623bd97fb3&gdpr=&gdpr_consent= HTTP 301
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTM3NTgwMjI7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzkzNjM2MjJfZjMwNTJmYzAtNWJiZS0xMWVjLTg2NDMtMjI2MjNiZDk3ZmIzOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
https://tracking.mlsat02.de/onepixel.gif

Request Chain 242

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad23.ad-srv.net%2Fc%2Fp5bkb3hwgnxnwnv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad23.ad-srv.net%2Fc%2Fp5bkb3hwgnxnwnv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Request Chain 283

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=22&key=46d1d8a9-db20-4a84-9b08-281cc892a497

Request Chain 284

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Request Chain 286

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7731593877 HTTP 302
https://sync.1rx.io/usersync/tradedesk/9a0d967a-c2dd-49fd-b870-fdc8844ec57c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D200%26key%3DRX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=200&key=RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003

Request Chain 290

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTYxNjkzYmU4YTUwYzY3YmFmZjdhNDU0OWFlNmE5&gdpr=0&gdpr_consent=

Request Chain 307

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622555-925571806393-006971-002-004166%26biddername%3D55%26key%3D%24UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1639363622555-925571806393-006971-002-004166&biddername=55&key=938033878257425291

Request Chain 336

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmNmYTkzMWQ0MTc0NmFlZGVlNmJkMGRkMjkxMDkzNTk4ODgxMTVhZg&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 337

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/I9C8L6W234fpoxfcPD6jyMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 338

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEGVgZDRrMICWw5EGjfkKpEo&google_cver=1

Request Chain 339

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9a0d967a-c2dd-49fd-b870-fdc8844ec57c&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30

Request Chain 340

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX42RV09-27-H1SE&sigv=1&esig=2~c5ea8096e9195d1c70716c94376758d72dd29736&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 341

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&_test=Yba0JwALfr-rIgAz HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yba0JwALfr-rIgAz&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&_test=Yba0JwALfr-rIgAz

Request Chain 347

https://gum.criteo.com/sid/json?origin=publishertag&domain=vnexpress.net&sn=ChromeSyncframe&so=0&topUrl=vnexpress.net&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=VVGwvHxIT3FHaUpsUGM4Sm1Eckl5bFd6eVRIRktWWGN1OVFESDlabWI2bnRSUjUrdGVZOTlPM0xCNmMyTlNobjhPdEFuUGRFNzZTRDdtajl1Qlh3eHVDTnBubkU0Yis5akFXU1lnWDJrK2ljQzRpa1liN1ZDUEZmTUZxbFZqUWZxOGt3VGwzRjJWeUhUMTBiWVpncGUzQ3lheUFHK29BS0dFakRDRmJIemxRV1RRMVpvdmpmYk9SY3E4d2pMMSt4Y3BPVHV3NWxJTHY1L0dIQzBvMytUVjhXS0VoeFZPMHYzb1R6dHFmNkpmM1VIcnYzM0UvcndFb3VzZjB6VnFIUWNHNWpBZmVJTkl1WXhwS2t1VjA3USt2ZzJZZz09fA&cppv=2

Request Chain 370

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=69eb21548d8fd41a3f31896b7cdf8138&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l032a_7041013147037783767 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEK3LK48L7IGVfJg_5eCiiDc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=9a0d967a-c2dd-49fd-b870-fdc8844ec57c HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/69eb21548d8fd41a3f31896b7cdf8138?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-M3u38XxE2oMiUiJnb49o8phV3Q00ZdzsLgmF7x0L~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=938033878257425291 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=de7361b6-b428-4600-a888-8d94d0ddfbd2&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=4bi6Gg3D1MWBmM5&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2093463165018036868 HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AA0CBE7DbWgAAEzqjHsDFQ&gdpr=0

Request Chain 379

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent=

Request Chain 380

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=69eb21548d8fd41a3f31896b7cdf8138&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 394

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEK3LK48L7IGVfJg_5eCiiDc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=9a0d967a-c2dd-49fd-b870-fdc8844ec57c HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=938033878257425291 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=93e361b6-b428-4200-a0df-858ad6633836&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yba0JwALfr-rIgAz&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2093463165018036868 HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AA0CBE7DbWgAAEzqjHsDFQ&gdpr=0 HTTP 302
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=8775667080933379760 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2304492&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D

Request Chain 396

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEK3LK48L7IGVfJg_5eCiiDc&google_cver=1&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=9a0d967a-c2dd-49fd-b870-fdc8844ec57c HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/69eb21548d8fd41a3f31896b7cdf8138?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-M3u38XxE2oMiUiJnb49o8phV3Q00ZdzsLgmF7x0L~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=40bc61b6-b428-4900-a369-bc1c52663bee&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=5VlsAzkk1MWBmM5&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2093463165018036868 HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAvgzU7DbWgAAExgjHsDFQ&gdpr=0 HTTP 302
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3011341032875855536 HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=9847874&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=f55f25be-5bbe-11ec-ab9e-c11f7817a48e

Request Chain 400

https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=9363622541&gdpr=1&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=168.119.25.199&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&lat=48.35340&lon=11.54910&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=9363622541&gdpr=1&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=168.119.25.199&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&lat=48.35340&lon=11.54910&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400&a.y_rid=b39af99f-220a-4f25-bfb4-d1c63f9ceeb1&a.is_yahoo=3&redirect_y=dHM9MTYzOTM2MzYyNDAyMS42OTAxODY6YXBpZD1VUGYzNTBiN2M5LTViYmUtMTFlYy05MGM0LTA2NTBlYWFjYzBjMDpyZXF1ZXN0X2lkPWIzOWFmOTlmLTIyMGEtNGYyNS1iZmI0LWQxYzYzZjljZWViMQ==

Request Chain 410

https://image8.pubmatic.com/AdServer/ImgSync?p=158804 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158804&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUMxMTkxMkEtNTVDMy00Mjk2LTgyN0EtMUZFQUY5OTc3NDhF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 434

https://ib.adnxs.com/getuid?https://optimize.urekamedia.com/data-apnx?user_id=$UID&uid=70163936362230&url=https://vnexpress.net/ HTTP 302
https://optimize.urekamedia.com/data-apnx?user_id=938033878257425291&uid=70163936362230&url=https://vnexpress.net/

Request Chain 450

https://gcdn.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/47BE9E10328E8D8F62D49C5ECFE196BDCC1A03F0.B1D6314DC73F56F9A962C397E08A8F4C75885D46/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3051E4C1E259557667B802211E3CD909F3179633.1AB41E9F7B1C70A697B51D7015BACBDB8D6AA286/key/cms1/cms_redirect/yes/mh/UG/mip/2a01:4f8:a1:1a1:8a::1/mm/42/mn/sn-4g5ednld/ms/onc/mt/1639363232/mv/m/mvi/3/pl/42/file/file.mp4

Request Chain 453

https://gcdn.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/47BE9E10328E8D8F62D49C5ECFE196BDCC1A03F0.B1D6314DC73F56F9A962C397E08A8F4C75885D46/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81F9AD76AAF41860608250919B6437660CCABE4C.4A1F409CDADAB8291E56E1BE054D6B2CC3446BFA/key/cms1/cms_redirect/yes/mh/UG/mip/2a01:4f8:a1:1a1:8a::1/mm/42/mn/sn-4g5ednld/ms/onc/mt/1639363232/mv/m/mvi/3/pl/42/file/file.mp4

Request Chain 465

https://pixel.adsafeprotected.com/rfw/st/674773/53504714/skeleton.js?videoId=f197c3edd1374dcb3730b154882db538&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fvnexpress.net%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:ae4912f2-4970-94e4-3c1a-3f7cdfe93497,c:wDNVbd,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-74998c487d-tpzcx,rg:ie,pt:2-5-15,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,br:c,abv:na,an:n,oam:0,vc:jv3,scm:grpm2,nbld:0,mtim:2,fm:sRrcHJK+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110%7C111,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:fwjsvid,et:19,oid:f50100a3-5bbe-11ec-889e-06705c27ddb4,v:19.8.273,sp:0,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
https://static.adsafeprotected.com/skeleton.js?videoId=f197c3edd1374dcb3730b154882db538&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a

Request Chain 467

https://pixel.adsafeprotected.com/rfw/st/674773/53504714/skeleton.js?videoId=92c88f83ba635122d98f266797e29d5c&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fvnexpress.net%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:de932e4b-f6b6-7b26-3f9f-bfec690668ff,c:wDNVa3,sl:outOfView,em:false,fr:true,thd:1,mn:app22ie,rg:ie,pt:2-5-15,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,br:c,abv:na,an:n,oam:0,vc:jv3,scm:grpm2,nbld:0,mtim:2,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:fwjsvid,et:19,oid:f501000a-5bbe-11ec-a59a-06da572054ee,v:19.8.273,sp:0,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
https://static.adsafeprotected.com/skeleton.js?videoId=92c88f83ba635122d98f266797e29d5c&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af

Request Chain 475

https://pixel.adsafeprotected.com/rfw/st/674773/53504714/skeleton.gif?xmtp=v&xmapp=0&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a HTTP 302
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a

Request Chain 489

https://pixel.adsafeprotected.com/rfw/st/674773/53504714/skeleton.gif?xmtp=v&xmapp=0&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af HTTP 302
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af

Request Chain 500

https://api-35-163-20-150.b2c.com/api/x?0g0DVeg7yzHdzmBg$dXJsJDAkaHR0cHM6Ly92bmV4cHJlc3MubmV0LyIsInJlZmVycmVyJDAkaHR0cHM6Ly92bmV4cHJlc3MubmV0LyIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDAkMSIsImlubmVyJDAkMTYwMHgxMjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCQxIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTYuMC40NjY0LjkzIFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDEkdHJ1ZSIsImRvTm90VHJhY2skMSQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDEkNCIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJExpbnV4IHg4Nl82NCIsInByb2R1Y3QkMSRHZWNrbyIsInByb2R1Y3RTdWIkMSQyMDAzMDEwNyIsInNlbmRCZWFjb24kMSQxIiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC45MyBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDEkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMSQiLCJmb250cmVuZGVyJDEkMSIsIndlYmdsJDgkMSIsIndlYmdsMiQ4JDEiLCJ3ZWJnbC12ZW5kb3IkOCRJbnRlbCBJbmMuIiwid2ViZ2wtcmVuZGVyZXIkOCRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDkkOWRmZDI1NTkiLCJ0aW1lJDkkMTYzOTM2MzYyNjMwMyIsInRpbWV6b25lJDkkMCIsInBsdWdpbnMtdGltZSQ5JDAuMSIsInBsdWdpbnMkOSRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkOSQ2NCIsIm1lbS11c2VkSlNIZWFwU2l6ZSQ5JDUwLjQiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDkkMzc2MCIsInRpbWUtdW5sb2FkRXZlbnRTdGFydCQ5JDI5NCIsInRpbWUtdW5sb2FkRXZlbnRFbmQkOSQyOTQiLCJ0aW1lLWZldGNoU3RhcnQkOSQxIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ5JDEiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ5JDEiLCJ0aW1lLWNvbm5lY3RTdGFydCQ5JDEiLCJ0aW1lLWNvbm5lY3RFbmQkOSQxIiwidGltZS1yZXF1ZXN0U3RhcnQkOSQyIiwidGltZS1yZXNwb25zZVN0YXJ0JDkkMjkzIiwidGltZS1yZXNwb25zZUVuZCQ5JDI5NyIsInRpbWUtZG9tTG9hZGluZyQ5JDI5NSIsInRpbWUtZG9tSW50ZXJhY3RpdmUkMTAkMzY4IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQxMCQzNjgiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQxMCQzNjkiLCJ0aW1lLWRvbUNvbXBsZXRlJDEwJDM2NTkiLCJ0aW1lLWxvYWRFdmVudFN0YXJ0JDEwJDM2NjAiLCJ0aW1lLWxvYWRFdmVudEVuZCQxMCQzNjY2IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDEwJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMTAkcmVsb2FkIiwiZ2xvYmFscy10aW1lJDE5JDAuMyIsImdsb2JhbHMkMjAkNDBlYTA2ODciLCJkb2N1bWVudC10aW1lJDI3JDEuOSIsImRvY3VtZW50JDI4JDU2MGZmNDE0IiwiY29ubmVjdGlvbiQyOCQiLCJkb3dubGlua01heCQyOCQiLCJnZXRVc2VyTWVkaWEkMjgkMiIsInBhZ2UtZnJhbWUtY291bnQkMjkkMzgiLCJwYWdlLWZyYW1lLWxpc3QkMjkkNzI4eDkwIzM5NjhmYmY0ZjUzNDIzN2JjNzM0YjM4NTgwOTRhYmUxLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20gMzAweDUwMCNnb29nbGUgMzAweDI1MCMzOTY4ZmJmNGY1MzQyMzdiYzczNGIzODU4MDk0YWJlMS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tIDF4MSNnb29nbGUgMHgwI2FuaV9wYXNzYmFjayA0MDB4MjI1I2ltYXNkay5nb29nbGVhcGlzLmNvbSAweDAjPHNjcmlwdCBzcmM9aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9vbXNkay9yZWxlYXNlcy9saXZlL29td2ViLXYxLmpzPjwvc2NyaXB0PlxuICAgICAgPHNjcmlwdD5cbiAgICAgICAgd2luZG93LmFkZEV2ZW50TGlzdGVuZXIoJ21lc3NhZ2UnLCBmdW5jdGlvbihlKSB7XG4gICAgICAgICAgaWYgKGUuZGF0YS50eXBlID09PSAnaW5uZXJCcmlkZ2VJZnJhbWVMb2FkZWQnKSB7XG4gICAgICAgICAgICB3aW5kb3cuZnJhbWVFbGVtZW50LnBhcmVudEVsZW1lbnRcbiAgICAgICAgICAgICAgLnF1ZXJ5U2VsZWN0b3IoJyNnb29nXzE2MjI5NTAyNzQnKS5jb250ZW50V2luZG93XG4gICAgICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ-XG4gICAgIDB4MCMgMHgwIyAzMDB4MTUwI2ltYXNkay5nb29nbGVhcGlzLmNvbSAweDAjPHNjcmlwdCBzcmM9aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9vbXNkay9yZWxlYXNlcy9saXZlL29td2ViLXYxLmpzPjwvc2NyaXB0PlxuICAgICAgPHNjcmlwdD5cbiAgICAgICAgd2luZG93LmFkZEV2ZW50TGlzdGVuZXIoJ21lc3NhZ2UnLCBmdW5jdGlvbihlKSB7XG4gICAgICAgICAgaWYgKGUuZGF0YS50eXBlID09PSAnaW5uZXJCcmlkZ2VJZnJhbWVMb2FkZWQnKSB7XG4gICAgICAgICAgICB3aW5kb3cuZnJhbWVFbGVtZW50LnBhcmVudEVsZW1lbnRcbiAgICAgICAgICAgICAgLnF1ZXJ5U2VsZWN0b3IoJyNnb29nXzE2MjI5NTAyNzUnKS5jb250ZW50V2luZG93XG4gICAgICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ-XG4gICAgIDB4MCMgMHgwIyAweDAjaW1hc2RrLmdvb2dsZWFwaXMuY29tIDB4MCM8c2NyaXB0IHNyYz1odHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL29tc2RrL3JlbGVhc2VzL2xpdmUvb213ZWItdjEuanM-PC9zY3JpcHQ-XG4gICAgICA8c2NyaXB0PlxuICAgICAgICB3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcignbWVzc2FnZScsIGZ1bmN0aW9uKGUpIHtcbiAgICAgICAgICBpZiAoZS5kYXRhLnR5cGUgPT09ICdpbm5lckJyaWRnZUlmcmFtZUxvYWRlZCcpIHtcbiAgICAgICAgICAgIHdpbmRvdy5mcmFtZUVsZW1lbnQucGFyZW50RWxlbWVudFxuICAgICAgICAgICAgICAucXVlcnlTZWxlY3RvcignI2dvb2dfMTYyMjk1MDI3NicpLmNvbnRlbnRXaW5kb3dcbiAgICAgICAgICAgICAgLnBvc3RNZXNzYWdlKHt0eXBlOiAnb21pZElmcmFtZUxvYWRlZCd9LCAnKicpO1xuICAgICAgICAgIH1cbiAgICAgICAgfSk7XG4gICAgICA8L3NjcmlwdD5cbiAgICAgMHgwIyAweDAjIDB4MCMgNDAweDIyNSNpbWFzZGsuZ29vZ2xlYXBpcy5jb20gMHgwIzxzY3JpcHQgc3JjPWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vb21zZGsvcmVsZWFzZXMvbGl2ZS9vbXdlYi12MS5qcz48L3NjcmlwdD5cbiAgICAgIDxzY3JpcHQ-XG4gICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgZnVuY3Rpb24oZSkge1xuICAgICAgICAgIGlmIChlLmRhdGEudHlwZSA9PT0gJ2lubmVyQnJpZGdlSWZyYW1lTG9hZGVkJykge1xuICAgICAgICAgICAgd2luZG93LmZyYW1lRWxlbWVudC5wYXJlbnRFbGVtZW50XG4gICAgICAgICAgICAgIC5xdWVyeVNlbGVjdG9yKCcjZ29vZ185NzE1OTIyMjknKS5jb250ZW50V2luZG93XG4gICAgICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ-XG4gICAgIDB4MCMgMHgwIyAweDAjaW1hc2RrLmdvb2dsZWFwaXMuY29tIDB4MCM8c2NyaXB0IHNyYz1odHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL29tc2RrL3JlbGVhc2VzL2xpdmUvb213ZWItdjEuanM-PC9zY3JpcHQ-XG4gICAgICA8c2NyaXB0PlxuICAgICAgICB3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcignbWVzc2FnZScsIGZ1bmN0aW9uKGUpIHtcbiAgICAgICAgICBpZiAoZS5kYXRhLnR5cGUgPT09ICdpbm5lckJyaWRnZUlmcmFtZUxvYWRlZCcpIHtcbiAgICAgICAgICAgIHdpbmRvdy5mcmFtZUVsZW1lbnQucGFyZW50RWxlbWVudFxuICAgICAgICAgICAgICAucXVlcnlTZWxlY3RvcignI2dvb2dfOTcxNTkyMjMwJykuY29udGVudFdpbmRvd1xuICAgICAgICAgICAgICAucG9zdE1lc3NhZ2Uoe3R5cGU6ICdvbWlkSWZyYW1lTG9hZGVkJ30sICcqJyk7XG4gICAgICAgICAgfVxuICAgICAgICB9KTtcbiAgICAgIDwvc2NyaXB0PlxuICAgICAweDAjIDB4MCNpbWFzZGsuZ29vZ2xlYXBpcy5jb20gMHgwIzxzY3JpcHQgc3JjPWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vb21zZGsvcmVsZWFzZXMvbGl2ZS9vbXdlYi12MS5qcz48L3NjcmlwdD5cbiAgICAgIDxzY3JpcHQ-XG4gICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgZnVuY3Rpb24oZSkge1xuICAgICAgICAgIGlmIChlLmRhdGEudHlwZSA9PT0gJ2lubmVyQnJpZGdlSWZyYW1lTG9hZGVkJykge1xuICAgICAgICAgICAgd2luZG93LmZyYW1lRWxlbWVudC5wYXJlbnRFbGVtZW50XG4gICAgICAgICAgICAgIC5xdWVyeVNlbGVjdG9yKCcjZ29vZ185NzE1OTIyMzEnKS5jb250ZW50V2luZG93XG4gICAgICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ-XG4gICAgIDB4MCMgMHgwIzM5NjhmYmY0ZjUzNDIzN2JjNzM0YjM4NTgwOTRhYmUxLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20gMHgwI3MuZWNsaWNrLnZuIDB4MCNnLmVjbGljay52biAweDAjQVZMb2FkZXJhbmlwbGF5ZXJfdXJla2FKUzVlYTI2OTYzZTc5MmVhNTVjNzI2NGRhNyAweDAjIDB4MCNBVkxvYWRlcmFuaXBsYXllcl9zZWxlY3RKUzVkODFlZDc5MjhhMDYxNjQ2MjA4OThmMCAweDAjZ3VtLmNyaXRlby5jb20gMHgwI3d3dy5nb29nbGUuY29tIDB4MCMgMHgwIyIsInBhZ2UtaGFzaCQzOCRmYzE0MDdhZSIsImNsb2NrJDQyJDY2MTAiLCJwZXJtaXNzaW9uLWdlb2xvY2F0aW9uJDQ5JHByb21wdCIsImJhdHRlcnkkNDkkMSAxIDAgSW5maW5pdHkiLCJpbnRlcnNlY3Rpb24tc2l6ZSQ1MCQxNjAweDEyMDAiLCJpbnRlcnNlY3Rpb24kNTAkMjMiLCJhdWRpb2NvbnRleHQkNTAkZjdlNzEyZDkiLCJwZXJtaXNzaW9uLW5vdGlmaWNhdGlvbnMkNTEkcHJvbXB0IiwicGVybWlzc2lvbi1jYW1lcmEkNTEkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDUxJHByb21wdCIsInBlcm1pc3Npb24tcGVyc2lzdGVudC1zdG9yYWdlJDUxJHByb21wdCIsImFkYmxvY2skNTYkMCIsInNvcnQkODIkMTQuNSIsImZyYW1lcmF0ZSQxNDckNzA~ HTTP 302
https://v4-api-35-163-20-150.b2c.com:444/api/4?0g0DVeg7yzHdzmBg

541 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
vnexpress.net/
Redirect Chain

http://cdzp1.com/wcoEudzUuC
http://vnexpress.net/
https://vnexpress.net/

192 KB
40 KB

674ms
178ms

Document
text/html

111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

877whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
v-cache: VNE4
cache-control: max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag: W/"2643e21a0635f71fcae96aa76eaacb58"
server: 877whgldd10bf7c7468e873e79ba2ad139
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

Date: Mon, 13 Dec 2021 02:46:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://vnexpress.net/
Server: 777whgldd10bf7c7468e873e79ba2ad139
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET ea3.js
s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ 0
0

GET
H2 200 gtm.js
www.googletagmanager.com/ 316 KB
60 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60999
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 02:46:59 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6353
date: Mon, 13 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 03:01:06 GMT

GET
H2 200 Primary Request / Show response
vnexpress.net/ 192 KB
40 KB 292ms
291ms Document
text/html 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

877whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

f638e7694528d6f72992e5458d55b45b14b30a0279624a1211f3d01bd135d8c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
v-cache: VNE4
cache-control: max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag: W/"2643e21a0635f71fcae96aa76eaacb58"
server: 877whgldd10bf7c7468e873e79ba2ad139
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

GET perf
logperf.vnexpress.net/ 0
0

GET
BLOB 200
OK ad9d88ae-c5c6-4abd-95a5-fcf063743a82
https://vnexpress.net/ 531 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vnexpress.net/ad9d88ae-c5c6-4abd-95a5-fcf063743a82
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 531
Content-Type: text/javascript

GET js
www.googletagmanager.com/gtag/ 0
0

GET js
www.google-analytics.com/gtm/ 0
0

GET
H2 200 eclick.js Show response
s.eclick.vn/delivery/ 537 B
582 B 520ms
174ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/eclick.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_33 /
Resource Hash: 27deb63dcc7462526432b4dee7496ced94b55b1e0eb94b2aefdd5bce27afd001

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 03:56:34 GMT
server: FPT-static_eclick_141_33
etag: W/"61a843f2-219"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, static_eclick_141_33,no-cache
expires: Mon, 13 Dec 2021 02:47:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1069 / 640 of 1000 / last-modified: 1639177483"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 02:46:59 GMT

GET
H2 200 dfpbrand.js Show response
s.eclick.vn/delivery/dfp/ 24 KB
8 KB 999ms
666ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/dfpbrand.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_33 /
Resource Hash: f5ff7b1a96a0963d7b754722c07b01f20e15ac89b84bdc7cd7d30a1a700f071c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 05:06:50 GMT
server: FPT-static_eclick_141_33
etag: W/"61b03d6a-600e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Mon, 13 Dec 2021 03:47:00 GMT

GET
H2 200 prebid.js Show response
s.eclick.vn/delivery/dfp/ 268 KB
85 KB 835ms
502ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/prebid.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_33 /
Resource Hash: 32c1a3c1cca84eba2f902fd78637ced03040028f31744657b5d1be030992b185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 03:43:18 GMT
server: FPT-static_eclick_141_33
etag: W/"619328d6-430fc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Mon, 13 Dec 2021 03:47:00 GMT

GET
H2 200 ov_pc_vne_home_home.js Show response
s.eclick.vn/delivery/dfp/ 164 KB
23 KB 675ms
342ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_33 /
Resource Hash: ca409d75ded1c89f276bcb1e513af3131a8eb01e268168a67b5434aa063e9be1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 05:10:34 GMT
server: FPT-static_eclick_141_33
etag: W/"61aeecca-28f33"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Mon, 13 Dec 2021 03:47:00 GMT

GET
H2 200 1000000.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/ 184 KB
41 KB 158ms
10ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ed2a70f17b40efa67dccbd4e611eee0de040e99153751f629c220891e3f996e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Fri, 10 Dec 2021 09:39:36 GMT
server: keycdn-engine
etag: W/"61b32058-2e171"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 general-file.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/ 131 KB
23 KB 166ms
7ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/general-file.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c99bdc0edf23bac64c441cf9c86bcd7380bd7a705638543df05810192edc0532

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Fri, 29 Oct 2021 10:14:05 GMT
server: keycdn-engine
etag: W/"617bc96d-20d96"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/general-file.css>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 vod.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/ 1 KB
912 B 160ms
12ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/vod.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:32 GMT
server: keycdn-engine
etag: W/"60934550-446"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/vod.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 logo.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/ 5 KB
2 KB 156ms
8ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/logo.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:20 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/logo.svg>; rel="canonical"
x-edge-location: defr
etag: W/"60934508-13b6"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 ea3.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ 48 KB
18 KB 179ms
169ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ea3.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 66cb0f00518d0b6623c75fdd6493c8e9af42fcff888064ca70c1b2172cb782b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 12:26:10 GMT
etag: W/"61a8bb62-c112"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Wed, 14 Dec 2022 02:46:59 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 316 KB
60 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4ad6b3599b2f70f860112ba3748ae3c38549d456dde02682d90910f5aadcbf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60999
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 02:46:59 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6353
date: Mon, 13 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 03:01:06 GMT

GET
H/1.1 200
OK perf
logperf.vnexpress.net/ 0
0 1394ms
370ms Image
text/html 180.148.129.21
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1639363560000&timecookie=1639363560000&timeclient=1639388819000&action=no_reload
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.129.21 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 category.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/config/ 42 KB
10 KB 7ms
7ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/config/category.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 089254d65cf5d80aed690e39295de84ddef3b71576be05dad0c22a2284db7b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 09 Dec 2021 02:53:32 GMT
server: keycdn-engine
etag: W/"61b16fac-a893"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/config/category.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 fc Show response
vnexpress.net/microservice/ 156 KB
29 KB 185ms
185ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/fc

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

877whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

32605c7678ec901efa985ca5b97431865489b8655bb35bddda2eb404d6bd6f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 877whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
DATA 200
OK truncated
/ 0
0 Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Origin: https://vnexpress.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 Merriweather-woff2.css Show response
s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/webfonts/ 160 KB
122 KB 174ms
7ms XHR
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/webfonts/Merriweather-woff2.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7c3f0d6cfe9f8fde34bf9653db1b256bd0601b91b14e6336dde2187396a16efe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:23:00 GMT
server: keycdn-engine
etag: W/"609344f4-280fe"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/webfonts/Merriweather-woff2.css>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 icon-vne.svg Show response
s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/ 57 KB
19 KB 183ms
17ms XHR
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/icon-vne.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/icon-vne.svg>; rel="canonical"
x-edge-location: defr
etag: W/"609344f4-e3ec"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 vhome_expo_660x120.jpg
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/ 147 KB
147 KB 9ms
9ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/vhome_expo_660x120.jpg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c87963accb73e5120d660a190955c90ce3527bc2d2441fa43a6c389c762352e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 150115
x-shield: active
last-modified: Wed, 08 Dec 2021 10:15:11 GMT
server: keycdn-engine
etag: "61b085af-24a63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/banner/vhome_expo_660x120.jpg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
BLOB 200
OK b68eb2a1-b46f-4966-a848-70da6afb463d
https://vnexpress.net/ 531 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vnexpress.net/b68eb2a1-b46f-4966-a848-70da6afb463d
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863016606095ee80bec9802da48ef003599574c8b1472e9030f6792bad4f2fc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 531
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 nhacsiphuquangtop-1639354602-1195-1639355658.jpg
vcdn1-giaitri.vnecdn.net/2021/12/13/ 216 KB
216 KB 551ms
134ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-giaitri.vnecdn.net/2021/12/13/nhacsiphuquangtop-1639354602-1195-1639355658.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=wn4mJ1-xxt2-6T4fj6nWaw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 5556ef9382b21c0163871773beeaf8388c5c5b29a2c86ca2b82f566ba6ba3337

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 62
content-length: 220883
x-shield: active
last-modified: Mon, 13 Dec 2021 00:34:25 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-giaitri.vnecdn.net/2021/12/13/nhacsiphuquangtop-1639354602-1195-1639355658.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=wn4mJ1-xxt2-6T4fj6nWaw>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 hoquoctuanpng-1508200023.png
vcdn1-vnexpress.vnecdn.net/2017/10/17/ 14 KB
14 KB 39ms
7ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2017/10/17/hoquoctuanpng-1508200023.png?w=100&h=100&q=100&dpr=1&fit=crop&s=6JLTYZPK1kRXBw95Z2F6Nw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e64d8979656e216009c168a426b22befe8806f6f55aa4d30684ccd65481b2120

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 27
content-length: 14093
x-shield: active
last-modified: Sun, 12 Dec 2021 17:00:32 GMT
server: keycdn-engine
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2017/10/17/hoquoctuanpng-1508200023.png?w=100&h=100&q=100&dpr=1&fit=crop&s=6JLTYZPK1kRXBw95Z2F6Nw>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 NamPhi-1639362356-8384-1639362360.jpg
vcdn1-giaitri.vnecdn.net/2021/12/13/ 14 KB
15 KB 543ms
133ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-giaitri.vnecdn.net/2021/12/13/NamPhi-1639362356-8384-1639362360.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=-D0SxMYazB8QV7G4BI_UMg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 54c55d4ff2edf5b67910a64ede733ccfbd52765ffe6eb66fda9ea41d6fb7cb54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 21
content-length: 14651
x-shield: active
last-modified: Mon, 13 Dec 2021 02:26:05 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-giaitri.vnecdn.net/2021/12/13/NamPhi-1639362356-8384-1639362360.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=-D0SxMYazB8QV7G4BI_UMg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 lazyload.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/ 10 KB
4 KB 17ms
17ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/lazyload.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:31 GMT
server: keycdn-engine
etag: W/"6093454f-27d4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/lazyload.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 home.defer.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/modules/ 35 KB
11 KB 13ms
12ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/modules/home.defer.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 69cb5c541d37c353b822d86de1d8f554c970ad5b8f69d14ffde034f46f60a79e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 25 Nov 2021 02:31:17 GMT
server: keycdn-engine
etag: W/"619ef575-8d32"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/modules/home.defer.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 915dd02f429089ced081-163932798-7408-4349-1639328029.jpg
vcdn1-thethao.vnecdn.net/2021/12/12/ 52 KB
52 KB 536ms
20ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-thethao.vnecdn.net/2021/12/12/915dd02f429089ced081-163932798-7408-4349-1639328029.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=tNdZS1jBAVYfjaZiwA0gYA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 717939a5c700fec06451fa275f1917ebc3a1e6fec5dc230f230733b6dc914002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 179
content-length: 52778
x-shield: active
last-modified: Sun, 12 Dec 2021 16:54:03 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-thethao.vnecdn.net/2021/12/12/915dd02f429089ced081-163932798-7408-4349-1639328029.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=tNdZS1jBAVYfjaZiwA0gYA>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 91 KB
35 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P5FWR6V&t=gtm5&cid=943032122.1639363619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86096aae66a81aadff9dce60a6e5ffa16f4c96f3d1ab1ce8d5e7283d90a588d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36237
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:46:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e485f11c9478a02e4d579c47898551d375a6168a65e221c7e9e9a4e410567708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61889
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:46:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f67a74b5809be8d135ec070527c2f9eeb297c5519a45248ba2ddb648948115e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61943
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:46:59 GMT

GET
H2 200 cdp.js Show response
octopus-stream01-cads.fpt.vn/ 129 KB
130 KB 559ms
168ms Script
application/javascript 1.55.119.42
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.55.119.42 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: d30d5a15f01d0bf1d2eceda161aad30112be19ba8e5fbd1f1b65b15e32542b47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
last-modified: Wed, 07 Jul 2021 14:43:31 GMT
server: nginx
etag: "60e5bd93-20428"
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 132136

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 38ms
17ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 02:46:59 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
976 B 53ms
15ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vnexpress.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

369f425efd4660e02947b9ce1faf29a9ffcfe79401ff33d3c2a1f145e418fff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:46:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 49ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-50285069-28&cid=943032122.1639363619&jid=293051563&gjid=473087919&_gid=234492645.1639363619&_u=SCCAgEADQAAAAE~&z=497136418

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 02:46:59 GMT
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1925925258&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCAgEADQ~&jid=293051563&gjid=473087919&cid=943032122.1639363619&tid=UA-50285069-28&_gid=234492645.1639363619&gtm=2wgc10N3FNJF&cg1=Home&cg4=Home&cd1=1000000&cd8=Home&cd17=No&cd19=Web&cd22=1&cd24=0&cd27=Home&cd37=&cd55=943032122.1639363619&z=379150761

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 21:19:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19622
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
345 B 39ms
14ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DQJ7NF9DN2&gtm=2oec10&_p=1925925258&sr=1600x1200&_gaz=1&ul=en-us&cid=943032122.1639363619&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1639363619&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:46:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
17ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQJ7NF9DN2&cid=943032122.1639363619&gtm=2oec10&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:46:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 43ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQJ7NF9DN2&cid=943032122.1639363619&gtm=2oec10&aip=1&z=994488288

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:46:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 33ms
14ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-57577CKS2C&gtm=2oec10&_p=1925925258&sr=1600x1200&_gaz=1&ul=en-us&cid=943032122.1639363619&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1639363619&sct=1&seg=0&en=page_view&_fv=2&_ss=1&_c=1&ep.vn_segment=%7Bvn_segment%7D%7D&up.page_category=Home&up.page_category_id=1000000&up.page_subcategory_id=&up.page_type=Home&up.page_platform=Web&up.user_logged_in=No
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:46:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 16ms
15ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-57577CKS2C&cid=943032122.1639363619&gtm=2oec10&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:46:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57577CKS2C&cid=943032122.1639363619&gtm=2oec10&aip=1&z=987199410

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:46:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 42ms
17ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-50285069-28&cid=943032122.1639363619&jid=293051563&_u=SCCAgEADQAAAAE~&z=1961048810

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:46:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-50285069-28&cid=943032122.1639363619&jid=293051563&_u=SCCAgEADQAAAAE~&z=1961048810

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:46:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 59 KB
59 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506

Request headers

Referer
Origin: https://vnexpress.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 61 KB
61 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae

Request headers

Referer
Origin: https://vnexpress.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 hls.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/ 239 KB
70 KB 13ms
11ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/hls.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:27 GMT
server: keycdn-engine
etag: W/"6093454b-3bc3b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/hls.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 embed_vod.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/ 58 KB
15 KB 17ms
16ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/embed_vod.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c2c248c7102519c55137544468a0e4df2022422b3b948bd95da3c1455c0fc069

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Wed, 20 Oct 2021 09:10:46 GMT
server: keycdn-engine
etag: W/"616fdd16-e9c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/embed_vod.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 video-js.css
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/ 75 KB
23 KB 16ms
15ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/video-js.css
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/vod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:27 GMT
server: keycdn-engine
etag: W/"6093454b-12c5c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/video-js.css>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 ads.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/ 29 KB
7 KB 17ms
17ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/ads.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:46:59 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:27 GMT
server: keycdn-engine
etag: W/"6093454b-7595"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/ads.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:35:59 GMT

GET
H2 200 zepto.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/ 39 KB
12 KB 59ms
55ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/zepto.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:31 GMT
server: keycdn-engine
etag: W/"6093454f-9c7d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/zepto.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 simple-scrollbar.min.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/ 4 KB
2 KB 57ms
55ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/simple-scrollbar.min.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:31 GMT
server: keycdn-engine
etag: W/"6093454f-10a7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/simple-scrollbar.min.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 usi.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/ 12 KB
3 KB 56ms
55ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/usi.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9622e9cdcd817320b0580df15b6ce985203bd3f97571a70e7696705635ff5b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 14 Oct 2021 02:33:17 GMT
server: keycdn-engine
etag: W/"616796ed-2f3b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/usi.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 eclick_logo.png
static.eclick.vn/delivery/css/images/graphics/ 2 KB
2 KB 1052ms
253ms Image
image/png 111.65.249.131
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eclick.vn/delivery/css/images/graphics/eclick_logo.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.131 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_45 /
Resource Hash: 28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
last-modified: Tue, 28 Apr 2020 05:02:00 GMT
server: FPT-static_eclick_141_45
etag: "5ea7b8c8-76a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1898
expires: Wed, 12 Jan 2022 02:47:00 GMT

GET
H2 200 USSConnecticut9-1639357463-6601-1639357724.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/13/ 23 KB
23 KB 18ms
14ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/13/USSConnecticut9-1639357463-6601-1639357724.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=DaZQDM7o24PWRlgaRyDRiQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c4920c3b6a6cc7d1265841abc5c516f1dd4fd438ac3ab828edf0d99ca0c9595f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 36
content-length: 23391
x-shield: active
last-modified: Mon, 13 Dec 2021 01:08:51 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/13/USSConnecticut9-1639357463-6601-1639357724.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=DaZQDM7o24PWRlgaRyDRiQ>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 TV-1639357855-2027-1639357918.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/13/ 31 KB
32 KB 19ms
15ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/13/TV-1639357855-2027-1639357918.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=9qUj93nRwsGME4KXy3tqcQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1bab0de3bb5762ae321572182627df9edcc968bd81875be3deeb792d66d77d16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 42
content-length: 32234
x-shield: active
last-modified: Mon, 13 Dec 2021 01:12:04 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/13/TV-1639357855-2027-1639357918.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=9qUj93nRwsGME4KXy3tqcQ>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 A000-1639324576-1309-1639324606.jpg
vcdn1-thethao.vnecdn.net/2021/12/12/ 54 KB
55 KB 270ms
21ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-thethao.vnecdn.net/2021/12/12/A000-1639324576-1309-1639324606.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=snKArolXpR9w8V3Omg_CnA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8119041b6eed98533746563b68f922573b69bb43dce6698d8e6f22de948cecae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 42
content-length: 55765
x-shield: active
last-modified: Sun, 12 Dec 2021 15:56:53 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-thethao.vnecdn.net/2021/12/12/A000-1639324576-1309-1639324606.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=snKArolXpR9w8V3Omg_CnA>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 51614387634420-1639069775-3276-1639069809.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 17 KB
18 KB 20ms
16ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/51614387634420-1639069775-3276-1639069809.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=5Oj-0KxvKpv1rcXVpcZXsw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 75241ddae521a3bd41ad09f6f99c04e66506dc07719accf7ee757c490ef05ceb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 34
content-length: 17916
x-shield: active
last-modified: Sun, 12 Dec 2021 21:02:03 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/51614387634420-1639069775-3276-1639069809.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=5Oj-0KxvKpv1rcXVpcZXsw>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 Settop.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/13/ 24 KB
24 KB 20ms
17ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/13/Settop.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=wm5qO_5K-reUasttlG4TGA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 467c128d92a683e6c73a5ef060b0aab91e3f6820d118ade7ff1968c558adfc93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 30
content-length: 24312
x-shield: active
last-modified: Mon, 13 Dec 2021 01:47:05 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/13/Settop.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=wm5qO_5K-reUasttlG4TGA>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 5563187178137194anhamaynen-163-9559-3041-1639359660.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/13/ 63 KB
64 KB 21ms
17ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/13/5563187178137194anhamaynen-163-9559-3041-1639359660.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=AENBr9uKMrCAZjYdRZ5BOA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 517135790631ed31ba0bae4624dffc14ba3a9f449f09352feade20b57987e15d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 46
content-length: 64703
x-shield: active
last-modified: Mon, 13 Dec 2021 01:41:10 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/13/5563187178137194anhamaynen-163-9559-3041-1639359660.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=AENBr9uKMrCAZjYdRZ5BOA>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 chonoicairang-1639271172-9086-1639271180.jpg
vcdn1-dulich.vnecdn.net/2021/12/12/ 19 KB
20 KB 483ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-dulich.vnecdn.net/2021/12/12/chonoicairang-1639271172-9086-1639271180.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=p7Nyu1QXJ3BcyqnAK4aW9w
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 4e1ce2b3f4edd07a5d1ce47376c021c9f5b63764492050cd58dd5b30a04e3339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 47
content-length: 19729
x-shield: active
last-modified: Sun, 12 Dec 2021 01:06:29 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-dulich.vnecdn.net/2021/12/12/chonoicairang-1639271172-9086-1639271180.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=p7Nyu1QXJ3BcyqnAK4aW9w>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 video.lib.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/ 461 KB
131 KB 93ms
93ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/video.lib.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:27 GMT
server: keycdn-engine
etag: W/"6093454b-73376"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v2/helper/vod/video.lib.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 110 B
886 B 761ms
166ms XHR
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_aid=aun2quh3kq32b41i.1639363620.des&orig_aid=aun2quh3kq32b41i.1639363620.des&myvne_user_id=0
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: bcfae0aa1f158579bb7c0f9e19808b74de85d08d45740d4b86045db211638cb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 13 Dec 2021 09:47:00 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H/1.1 200
OK device_model_min.js Show response
la2.vnecdn.net/static/ 614 KB
614 KB 812ms
167ms Script
application/javascript 180.148.132.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://la2.vnecdn.net/static/device_model_min.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FT /
Resource Hash: c9d8c7dcab8308ee345a4cfbe7d52daa42865bf345de17bdb8e89b6450cbaddb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:00 GMT
Last-Modified: Thu, 01 Jul 2021 18:25:29 GMT
Server: FT
ETag: "60de0899-997a5"
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 628645
Expires: Mon, 13 Dec 2021 03:02:00 GMT

GET get
la.vnecdn.net/ 0
0

GET
H/1.1 200
OK iplookup Show response
g.eclick.vn/ 278 B
596 B 917ms
167ms XHR
application/json 111.65.249.224
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.eclick.vn/iplookup
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.224 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9f468258692175b37db01844071922ff0ac4673b2d14dd4a7b3e0c40cbce7de9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H/1.1 200
OK fopt.js Show response
adp.vnecdn.net/ 139 B
690 B 519ms
167ms Script
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/fopt.js?aid=aun2quh3kq32b41i.1639363620.des
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e9ac3e87bdff88d94626a954481013ca9763cfa11efb185983c65bee308d724d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 13 Dec 2021 09:47:00 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=7200, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Expires: Mon, 13 Dec 2021 12:47:00 GMT

GET
H2 200 bad.js Show response
s.eclick.vn/ 17 B
258 B 633ms
633ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/bad.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ea3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_33 /
Resource Hash: ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Sun, 09 Aug 2020 14:01:42 GMT
server: FPT-static_eclick_141_33
etag: W/"5f3001c6-11"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
expires: Tue, 14 Dec 2021 02:47:00 GMT

GET
H/1.1 204
No Content get
la2.vnecdn.net/ 0
421 B 501ms
166ms Image
text/plain 180.148.132.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://la2.vnecdn.net/get?app_id=100&ss_id=6164292&pg_id=ee5f992404bc6ca94f8116aed76d032b&site_id=1000000&page_type=1&idsite=1000000&type=site&fid=1000000&show_id=&aid=1000000&fosp_aid=aun2quh3kq32b41i.1639363620.des&orig_aid=aun2quh3kq32b41i.1639363620.des&fosp_country=null&fosp_gender=null&fosp_ip=null&fosp_isp=null&fosp_zone=null&fosp_location=null&adblock=0&myvne_user_id=0&referrer=https%3A%2F%2Fvnexpress.net%2F&url=https%3A%2F%2Fvnexpress.net%2F&publication=&author=&article_type=&wordcount=&list_folder=1000000&vn_aid=&vn_source=&vn_medium=&vn_campaign=&vn_term=&vn_content=&utm_source=&utm_medium=&utm_campaign=&utm_term=&utm_content=&index_topic=0&index_format=0&index_type=&dm=&r=0.28002987798538004&v=0813&action=pv
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FT /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 13 Dec 2021 02:47:00 GMT
Cache-Control: no-cache
Server: FT
Connection: keep-alive
Expires: Mon, 13 Dec 2021 02:46:59 GMT

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 1 KB
2 KB 1089ms
235ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4402128-1;4402179-1;4402178-1;4402143-1;4402083-5;4402176-1;4402202-1;4402134-1;4402163-1;4401037-9;4402257-4;4402243-1;4401937-1;4402161-1;4396411-1;4401724-1;4401493-1;4402164-1;4402152-1;4402170-1;4402120-1;4401303-1;4402135-1;4402113-1;4402126-1;4402059-5;4402088-1&
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10477inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 5a1ae22c39c27651a6cffe117f500c7238fddb39db663449dd88f218b444c492

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
cache-control: max-age=30
last-modified: Mon, 13 Dec 2021 02:47:01 GMT
server: 10477inhcdd10bf7c7468e873e79ba2ad134
etag: "pBk/2419o9AmIwVUI64wkg=="
content-length: 1293
content-type: text/javascript; charset=utf-8

GET
H2 200 myvne_users_redesign.js Show response
s1cdn.vnecdn.net/myvne/j/v33/ 54 KB
14 KB 66ms
66ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/myvne/j/v33/myvne_users_redesign.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7065179cdb7cbe93c5df291477e7d7fe36ce43398baec6f038b412f116284166

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Mon, 01 Nov 2021 01:23:14 GMT
server: keycdn-engine
etag: W/"617f4182-d73d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/myvne/j/v33/myvne_users_redesign.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 box-football-home Show response
vnexpress.net/microservice/ 846 B
730 B 239ms
239ms Fetch
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/box-football-home

Requested by

Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

877whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

34c7069272bf3822860a6046cdd19ea6ab491ca4f956a109f7ef71e3de7a012b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 877whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
v-type: 1
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 covid.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/widget/ 33 KB
8 KB 56ms
55ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/widget/covid.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 0e028461ad8b60b2ea37f9c003d251f33218dfaa70ca6f6d507863d487c1eb96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Tue, 07 Dec 2021 07:02:37 GMT
server: keycdn-engine
etag: W/"61af070d-8366"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/widget/covid.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 home Show response
vnexpress.net/microservice/ 417 KB
69 KB 238ms
238ms Fetch
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/home

Requested by

Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

877whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

eedd967d3aaf90dfad648d15cc0da59d97ebe8c3e14dc6682597958294decbda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 877whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 th Show response
gw.vnexpress.net/ 49 KB
8 KB 800ms
176ms Fetch
application/json 180.148.132.75
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.vnexpress.net/th?types=gia_vang_v2,ty_gia_vcb,data_shop_v2_home_vne_160,data_egift,data_shop_v2_home,rao_vat_v2,ewiki,bank_rate_offline,bank_rate_online
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-ams_global_139_54 /
Resource Hash: c23035f4163745c173b0f1c85fd5ce78f08689e7fd42ece1bbed1ccb86bd2840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
server: FPT-ams_global_139_54
x-kong-server: kong_api_139_55
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
via: kong/1.2.1

GET
H2 200 fixture Show response
gw.vnexpress.net/football/ 1 MB
59 KB 1286ms
662ms Fetch
application/json 180.148.132.75
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.vnexpress.net/football/fixture?league_id=3431,3456,3506,3510,3513,3576,3632,
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-ams_global_139_54 /
Resource Hash: 4349ccdcc81db7821a3933da8c2875abc3cba6ca27ba64db9a406df132d8be60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
server: FPT-ams_global_139_54
x-kong-server: kong_api_139_55
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
via: kong/1.2.1

GET
H2 200 4245034 Show response
vnexpress.net/microservice/getconsultants/aid/ 21 KB
5 KB 293ms
293ms Fetch
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/getconsultants/aid/4245034

Requested by

Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

877whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

d2ed14cfff7884e5cd6eaf7ff8efb59a57ffba7a368c7e8cd80f5f4900bdb547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 877whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 box-covid-2021.css
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/css/ 23 KB
5 KB 140ms
139ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/css/box-covid-2021.css
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/widget/covid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e5c10308ff09f026f2830b6351ed62a8b570f63827c047ce4c4fd653eb71a2cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Tue, 23 Nov 2021 02:44:01 GMT
server: keycdn-engine
etag: W/"619c5571-5b6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/css/box-covid-2021.css>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 covid19_2021_by_location Show response
vnexpress.net/microservice/sheet/type/ 64 KB
14 KB 232ms
232ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/sheet/type/covid19_2021_by_location

Requested by

Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/widget/covid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

877whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

3f0aca0f595e51de1d50b84fc306946912673f4b1ad9d1c23c16d549373c9f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 877whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 jquery.magnific-popup.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 41 KB
11 KB 33ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.js

Requested by

Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v33/myvne_users_redesign.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2189205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10834
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-a302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sct0PajrUCPVYNz55HIOXAJ9kzGWDjU66l9txZA5BJif1koytxjpLeBfi2x2pFZpHekgTb9vuZkcOxbHhSCKgl14PPphoOYYKMgz%2FLdT376waMI5K4VDLbEu9TgZtFpIdjp51McBabONwlSVq72xX2%2Bp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bcbdd8589fb697b-FRA
expires: Sat, 03 Dec 2022 02:47:00 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 184 KB
73 KB 383ms
359ms Script
application/javascript 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v33/myvne_users_redesign.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46e54d86c4c46b8e1a8627d2c578f9ec4a9610dce1e6bfbfc428f0cbaadf42d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1mwI26Gbn+iV0k6Xm1IZaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-1mwI26Gbn+iV0k6Xm1IZaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/ 20 KB
8 KB 135ms
135ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/jquery.magnific-popup.min.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v33/myvne_users_redesign.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:31 GMT
server: keycdn-engine
etag: W/"6093454f-4ef8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/jquery.magnific-popup.min.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 myvne_2019.css
s1cdn.vnecdn.net/myvne/c/v33/ls/ 12 KB
3 KB 135ms
135ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/myvne/c/v33/ls/myvne_2019.css
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 26347690a42de76f183305c56c8d2544d67a6a70defc5a86164953528e306fb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Wed, 09 Jun 2021 02:20:03 GMT
server: keycdn-engine
etag: W/"60c02553-2e60"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/myvne/c/v33/ls/myvne_2019.css>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
BLOB 200
OK 0def99c0-d5a7-499c-93f1-35694bf9561c
https://vnexpress.net/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vnexpress.net/0def99c0-d5a7-499c-93f1-35694bf9561c
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 adsbyeclick.js Show response
scdn.eclick.vn/delivery/asset/327683460/ 25 KB
10 KB 83ms
7ms Script
application/x-javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.eclick.vn/delivery/asset/327683460/adsbyeclick.js
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/eclick.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 574e37c4a8e0611fc0070eed9b8d53376825010e1bfc866403fe10caad767c6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 03:55:40 GMT
server: keycdn-engine
link: <http://s.eclick.vn/delivery/asset/327683460/adsbyeclick.js>; rel="canonical"
x-edge-location: defr
etag: W/"61a843bc-621f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-shield: active
expires: Mon, 13 Dec 2021 03:47:00 GMT

GET
H2 200 1571.png
is.vnecdn.net/objects/teams/ 2 KB
3 KB 1062ms
166ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/1571.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: aab6584820b446dc81010d7e1149b2975cac086cd1d70e7109eff5d2e1faaffc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Wed, 02 Jun 2021 07:41:15 GMT
etag: "60b7361b-8ff"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2303
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 logo_vietnam_team.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/ 190 B
599 B 7ms
7ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/logo_vietnam_team.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 67a183b58df3547aef85d7501af34d829764f4d025afcc2d0782f4866338f893

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 190
x-shield: active
last-modified: Sun, 06 Jun 2021 03:01:29 GMT
server: keycdn-engine
etag: "60bc3a89-be"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/banner/logo_vietnam_team.png>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 swiper.min.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/ 122 KB
33 KB 7ms
6ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/swiper.min.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/blocks/site/1000000.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ca2e313c4d7f075f05e0175473fd193d50b280a0e45677d9e431782a6588a8f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Thu, 06 May 2021 01:24:31 GMT
server: keycdn-engine
etag: W/"6093454f-1e949"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/libs/swiper.min.js>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 TSBSTngHNamAnhjpg-1639101759.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 22 KB
22 KB 8ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/TSBSTngHNamAnhjpg-1639101759.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=YHXQYqmq76jWXkNllsA_JQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 77d2ac6d57403bfe830a18d3e094e08a849d59e49a86b0f944a55e2ab6d9027a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 34
content-length: 22182
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/TSBSTngHNamAnhjpg-1639101759.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=YHXQYqmq76jWXkNllsA_JQ>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 THSBSTrnAnhVjpg-1639101749.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 22 KB
22 KB 8ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/THSBSTrnAnhVjpg-1639101749.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=rBRT-uHyiGw90ad-7FXFFg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8fb01a2b06bb3323069e79b097d4e749d933c382ec7a09c772d29d7737c78a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 33
content-length: 22431
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/THSBSTrnAnhVjpg-1639101749.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=rBRT-uHyiGw90ad-7FXFFg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 THSBSCKILnhKhoajpg-1639101740.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 22 KB
22 KB 9ms
8ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/THSBSCKILnhKhoajpg-1639101740.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=t7a_WP3M-ihVqWikJTS8Dw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 52281193de29b6eb4bd1eb75469c08fbc3cd1ada69007740c6b144eb1ab03b61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 41
content-length: 22321
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/THSBSCKILnhKhoajpg-1639101740.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=t7a_WP3M-ihVqWikJTS8Dw>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 BSCKIPhmQuangThanhLongjpg-1639101728.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 22 KB
22 KB 9ms
8ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/BSCKIPhmQuangThanhLongjpg-1639101728.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=o9DrSrsUDBd53kOZxjjUzA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: eae8c5cf154893d34373d16452537ce0752e37cd9a53e226d0822eac51c28493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 40
content-length: 22528
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/BSCKIPhmQuangThanhLongjpg-1639101728.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=o9DrSrsUDBd53kOZxjjUzA>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 THSBSCKIngKhoaHcjpg-1639101715.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 20 KB
21 KB 9ms
9ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/THSBSCKIngKhoaHcjpg-1639101715.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=1kKnCqPQVAGvxKPE_IXRcA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 3cc18ed147a0b0836766cab6baeb74d6ca5ef0f698bf246efa4e2c981111f813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 52
content-length: 20782
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/THSBSCKIngKhoaHcjpg-1639101715.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=1kKnCqPQVAGvxKPE_IXRcA>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 THSBSNguynThySongHjpg-1639101705.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 22 KB
22 KB 10ms
9ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/THSBSNguynThySongHjpg-1639101705.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=taUJfq4VziwD12TSXSlykw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b54873b73ddb118dc1b3bfffd47bc2b343f539d1178c1aa7f0e38dd07cae98af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 33
content-length: 22264
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/THSBSNguynThySongHjpg-1639101705.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=taUJfq4VziwD12TSXSlykw>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 THSBSTrngHongHuyjpg-1639101696.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 22 KB
23 KB 10ms
10ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/THSBSTrngHongHuyjpg-1639101696.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=gc6es3R7dpQn7XuKjLRoRQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 5a2eeb10e4e677f2d320bf572aeebfd530848eb6d15a4da4f84d389f9a4a8905

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 44
content-length: 22866
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/THSBSTrngHongHuyjpg-1639101696.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=gc6es3R7dpQn7XuKjLRoRQ>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 ThSKHTTLThanhNghjpg-1639101684.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 23 KB
23 KB 10ms
10ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/ThSKHTTLThanhNghjpg-1639101684.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=G5N3_dDDO17czdTl6IVr7Q
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: f9c5b9291f841c6a29a081811e64e594aba773a8eccbbaa898f9b10a435c0454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 47
content-length: 23516
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/ThSKHTTLThanhNghjpg-1639101684.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=G5N3_dDDO17czdTl6IVr7Q>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 BSNguynThMLinhjpg-1639101669.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/10/ 29 KB
29 KB 11ms
11ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/10/BSNguynThMLinhjpg-1639101669.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=CUJj3-QBuNKSbEhSOH321w
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 4fe2a16e2a0fbee25aadf13832c464ab7237cb93e7bbc671cd0eae5eb106f745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 56
content-length: 29361
x-shield: active
last-modified: Fri, 10 Dec 2021 07:23:59 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/10/BSNguynThMLinhjpg-1639101669.jpg?w=100&h=100&q=100&dpr=2&fit=crop&s=CUJj3-QBuNKSbEhSOH321w>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 948 B
1 KB 717ms
170ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4402162-1;4402282-1;4401949-1;4401601-1;4402058-1;4402137-1;4402144-1;4402183-1;4402185-1;4402181-1;4402252-1;4401976-1;4402193-1;4402047-1;4402135-1;4402172-1;4402248-1;4402098-1;4402089-1;4401738-1&
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10477inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: d4891d43c15c3b6428efecfed2b3cacbd3338ced8ecf4453ceeefe57bde19aa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
cache-control: max-age=30
last-modified: Mon, 13 Dec 2021 02:46:44 GMT
server: 10477inhcdd10bf7c7468e873e79ba2ad134
etag: "84YvSx/KEwES//PfgeyGRw=="
content-length: 948
content-type: text/javascript; charset=utf-8

GET
H2 200 e-cooking.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/cooking/pc/graphics/ 5 KB
3 KB 10ms
6ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/cooking/pc/graphics/e-cooking.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 58c1655edec242ddc2a55d055b02bb32f38b9d1b5bf139d3c050443a05213533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 02:34:10 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/cooking/pc/graphics/e-cooking.svg>; rel="canonical"
x-edge-location: defr
etag: W/"60e512a2-13e9"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 sync_retar.html Show response
s.eclick.vn/delivery/ Frame 45D3 5 KB
2 KB 253ms
253ms Document
text/html 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/sync_retar.html
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_33 /
Resource Hash: faf26da8f02338afdb69220c7abfe43a28d02680cdca0d7c50a7d08d4a309572

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 30 Aug 2021 06:37:54 GMT
etag: W/"612c7cc2-127c"
expires: Tue, 14 Dec 2021 02:47:00 GMT
cache-control: max-age=86400
server: FPT-static_eclick_141_33
content-encoding: gzip

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=f2524b91-5bbe-11ec-bd4c-1ab0ad8d0506

0
588 B

21ms
20ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=f2524b91-5bbe-11ec-bd4c-1ab0ad8d0506
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Mon, 13 Dec 2021 02:47:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 80
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Mon, 13 Dec 2021 02:47:00 GMT
Server: nginx
Location: /partner?source=307342&sync_limit=5&__user_check__=1&sync_id=f2524b91-5bbe-11ec-bd4c-1ab0ad8d0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 105
Connection: keep-alive
Content-Length: 0

GET
H2 200 Thumb2-1639324192-3470-1639324219.jpg
vcdn1-kinhdoanh.vnecdn.net/2021/12/12/ 29 KB
30 KB 726ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2021/12/12/Thumb2-1639324192-3470-1639324219.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=yo8_nw63CgZvJCGcGoZlLg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 678624abb427bb215496c33b2121eb93dcdf2d1eea2d584bdb7d1fc089dc9846

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 15
content-length: 30042
x-shield: active
last-modified: Sun, 12 Dec 2021 15:50:23 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-kinhdoanh.vnecdn.net/2021/12/12/Thumb2-1639324192-3470-1639324219.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=yo8_nw63CgZvJCGcGoZlLg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:01 GMT

GET
H2 200 verstappen-jpeg-1639320301-163-2760-5113-1639320354.jpg
vcdn1-thethao.vnecdn.net/2021/12/12/ 28 KB
29 KB 8ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-thethao.vnecdn.net/2021/12/12/verstappen-jpeg-1639320301-163-2760-5113-1639320354.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=IUTM7Ubg-PR47d-o8Pm2vw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9fa4417f1562e8c56d08ef600beb52ab952d2543f451e50ff0db3ea574e8e56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 46
content-length: 28708
x-shield: active
last-modified: Sun, 12 Dec 2021 14:46:00 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-thethao.vnecdn.net/2021/12/12/verstappen-jpeg-1639320301-163-2760-5113-1639320354.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=IUTM7Ubg-PR47d-o8Pm2vw>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 batchkimduyenbi-1639361291-5450-1639361407.jpg
vcdn1-giaitri.vnecdn.net/2021/12/13/ 58 KB
59 KB 7ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-giaitri.vnecdn.net/2021/12/13/batchkimduyenbi-1639361291-5450-1639361407.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=yrsY140m2D6_yHAHa7FFWA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 5cac1851aa3e0a3f74d7d0b17d8b9153658a91e230fc50d850bb2db9d250b70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 30
content-length: 59488
x-shield: active
last-modified: Mon, 13 Dec 2021 02:10:30 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-giaitri.vnecdn.net/2021/12/13/batchkimduyenbi-1639361291-5450-1639361407.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=yrsY140m2D6_yHAHa7FFWA>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 eco3-1639326946-4414-1639327134.jpg
vcdn1-vnexpress.vnecdn.net/2021/12/12/ 28 KB
28 KB 7ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/12/12/eco3-1639326946-4414-1639327134.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=WfezN5thWjvChXIUjZLw2A
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: d33e6b08c023d3e96fd75681ac6aee901ac91655fc22da459652aa356c520697

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
x-envoy-upstream-service-time: 45
content-length: 28597
x-shield: active
last-modified: Sun, 12 Dec 2021 16:39:02 GMT
server: keycdn-engine
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://i1-vnexpress.vnecdn.net/2021/12/12/eco3-1639326946-4414-1639327134.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=WfezN5thWjvChXIUjZLw2A>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 icon-eclick.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/images/graphics/ 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/images/graphics/icon-eclick.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/images/graphics/icon-eclick.svg>; rel="canonical"
x-edge-location: defr
etag: W/"609344f4-757"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 logo_vlight.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/images/graphics/ 336 B
757 B 7ms
7ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/images/graphics/logo_vlight.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 336
x-shield: active
last-modified: Wed, 22 Sep 2021 07:54:47 GMT
server: keycdn-engine
etag: "614ae147-150"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/images/graphics/logo_vlight.svg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 Download_Huawei.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/ 7 KB
7 KB 7ms
6ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/Download_Huawei.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 7185
x-shield: active
last-modified: Thu, 06 May 2021 01:23:20 GMT
server: keycdn-engine
etag: "60934508-1c11"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/Download_Huawei.png>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 Download_AppStore.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/ 4 KB
5 KB 8ms
7ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/Download_AppStore.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 4569
x-shield: active
last-modified: Thu, 06 May 2021 01:23:20 GMT
server: keycdn-engine
etag: "60934508-11d9"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/Download_AppStore.png>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 Download_PlayStore.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/ 7 KB
7 KB 8ms
7ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/Download_PlayStore.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 6936
x-shield: active
last-modified: Thu, 06 May 2021 01:23:20 GMT
server: keycdn-engine
etag: "60934508-1b18"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/Download_PlayStore.png>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 qr_app.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/ 65 KB
5 KB 8ms
8ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/qr_app.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:20 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/qr_app.svg>; rel="canonical"
x-edge-location: defr
etag: W/"60934508-104d3"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 qr_app_en.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/ 68 KB
8 KB 8ms
8ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/qr_app_en.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:20 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/v2_2019/pc/graphics/qr_app_en.svg>; rel="canonical"
x-edge-location: defr
etag: W/"60934508-1110a"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 icon-eclick.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/icon-eclick.svg
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/general-file.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/general-file.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/icon-eclick.svg>; rel="canonical"
x-edge-location: defr
etag: W/"609344f4-757"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 logo_vlight.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/ 336 B
759 B 11ms
11ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/logo_vlight.svg
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/general-file.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/general-file.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 336
x-shield: active
last-modified: Wed, 22 Sep 2021 07:54:47 GMT
server: keycdn-engine
etag: "614ae147-150"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/c/v973/v2_2019/pc/images/graphics/logo_vlight.svg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 covid19_2021_by_day Show response
vnexpress.net/microservice/sheet/type/ 123 KB
26 KB 218ms
218ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/sheet/type/covid19_2021_by_day

Requested by

Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/widget/covid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

877whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

9e9267b6030afb09f572ce5160275b53e404af9111ff6055584af8bd1df25d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 877whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
175 B 466ms
154ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Mon, 13 Dec 2021 02:47:01 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
186 B 63ms
18ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=16249806014
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Mon, 13 Dec 2021 02:47:00 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 99 KB
18 KB 134ms
102ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d2df1687c2ec8554f2d8f45def0ab3c52bc4824449df0bf56139c6db7c06693a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 13 Dec 2021 02:47:00 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: efd751dd-81c3-4a99-b278-ffc3543c15dd
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 69ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Mon, 13 Dec 2021 02:47:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK eclookup.html Show response
g.eclick.vn/delivery/ Frame F4EC 5 KB
3 KB 501ms
167ms Document
text/html 111.65.249.224
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.eclick.vn/delivery/eclookup.html?fosp_aid=aun2quh3kq32b41i.1639363620.des&orig_aid=aun2quh3kq32b41i.1639363620.des&myvne_user_id=0
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/asset/327683460/adsbyeclick.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.224 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

Server: nginx/1.12.2
Date: Mon, 13 Dec 2021 02:47:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
331 B 167ms
167ms XHR
application/json 1.55.119.42
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=d166cbf3-01dc-4b84-909a-d256e7ecf8f4
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.55.119.42 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: d2649c7ba0cb7b8ac5cc0a9901a49f2c397ff340118081316840470e3dca2473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://vnexpress.net
date: Mon, 13 Dec 2021 02:47:00 GMT
access-control-allow-credentials: true
server: nginx
content-length: 51
content-type: application/json

GET
H2 200 sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
331 B 167ms
167ms XHR
application/json 1.55.119.42
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=d166cbf3-01dc-4b84-909a-d256e7ecf8f4
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.55.119.42 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: d2649c7ba0cb7b8ac5cc0a9901a49f2c397ff340118081316840470e3dca2473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://vnexpress.net
date: Mon, 13 Dec 2021 02:47:00 GMT
access-control-allow-credentials: true
server: nginx
content-length: 51
content-type: application/json

POST
H2 200 p Show response
octopus-stream01-cads.fpt.vn/analytics/ 17 B
112 B 664ms
333ms XHR
application/octet-stream 1.55.119.42
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/p
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.55.119.42 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 02:47:01 GMT
server: nginx
content-type: application/octet-stream

GET
H2 200 home_boxkd_560x160.jpg
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/ 93 KB
93 KB 7ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/home_boxkd_560x160.jpg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: dcd676352f731e5fc1d14f8ee2c091354675810753700e6cea1af0230ac64671

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 95195
x-shield: active
last-modified: Mon, 06 Dec 2021 04:29:18 GMT
server: keycdn-engine
etag: "61ad919e-173db"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/banner/home_boxkd_560x160.jpg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 logo-startup.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/ 6 KB
3 KB 9ms
9ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/logo-startup.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: aaed9e48c2425016dab5bf1d7220b2553620bbd1beb6f8f662e1606901518652

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 03:46:49 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/banner/logo-startup.svg>; rel="canonical"
x-edge-location: defr
etag: W/"60d00ba9-16f2"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 logo-vhome.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/ 44 KB
32 KB 9ms
9ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v500/banner/logo-vhome.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: f01892dc1842a40a7451343fe3b46c61a74e661dfb6404ceac6d7453bd8116ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:00 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 03:46:49 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/i/v500/banner/logo-vhome.svg>; rel="canonical"
x-edge-location: defr
etag: W/"60d00ba9-aeac"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:36:00 GMT

GET
H2 200 get_basic Show response
gw.vnexpress.net/ar/ 103 B
302 B 392ms
392ms XHR
application/json 180.148.132.75
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.vnexpress.net/ar/get_basic?article_id=4231640&data_select=publish_time
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/widget/covid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-ams_global_139_54 /
Resource Hash: 354cde304ce3d760f2a4ad018bd1c50842c26f8669b3dbfbbb589c980b9562e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
server: FPT-ams_global_139_54
x-kong-server: kong_api_139_55
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
via: kong/1.2.1

GET
H2 200 get_rule_2 Show response
gw.vnexpress.net/ar/ 737 B
618 B 392ms
392ms XHR
application/json 180.148.132.75
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.vnexpress.net/ar/get_rule_2?category_id=1005023&limit=3&page=1&&data_select=title,share_url
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/widget/covid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-ams_global_139_54 /
Resource Hash: eed37f6146ce8b310c73a7eae6e7af77e1644351dbac3930f14fd2efc7c33206

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
server: FPT-ams_global_139_54
x-kong-server: kong_api_139_55
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
via: kong/1.2.1

GET
H2 200 dotted.svg
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/ 771 B
1 KB 27ms
27ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/dotted.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c541888c9497913d5428327a0bc0886290a263284bb7e11d1bcee7733be15304

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 771
x-shield: active
last-modified: Mon, 27 Sep 2021 03:26:56 GMT
server: keycdn-engine
etag: "61513a00-303"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/dotted.svg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:01 GMT

GET
H3 200 style
accounts.google.com/gsi/ 658 B
440 B 67ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.sfEyfeao_9E.O/am=chE/d=1/rs=AF0KOtW8lfG_r32MeHektUUsH82Ip8ajIQ/m=gis_client_library

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23800168696b24b4338abfc4a31c048f3c0590957f80ece95bfebb30e2be356b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-de3Z4jWbDouy6y9hIIHSZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-de3Z4jWbDouy6y9hIIHSZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H2 200 noun_heal.svg
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/ 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/noun_heal.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9fef10f19ecd21e2bd95af1dd2dd525fc8f1fcbca16328dba520672d7f0f3ec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 03:26:56 GMT
server: keycdn-engine
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/noun_heal.svg>; rel="canonical"
x-edge-location: defr
etag: W/"61513a00-745"
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
x-shield: active
expires: Tue, 13 Dec 2022 08:36:01 GMT

GET
H2 200 help.svg
s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/ 827 B
1 KB 8ms
7ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/help.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c08cce165711c7d45255dee5fa18185b0ac36b0a19ba14629f9e67c192a2fe3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
x-edge-location: defr
x-cache: HIT, HIT
content-length: 827
x-shield: active
last-modified: Mon, 27 Sep 2021 03:26:56 GMT
server: keycdn-engine
etag: "61513a00-33b"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v2683/v3/helper/interactions/covid/images/graphics/help.svg>; rel="canonical"
expires: Tue, 13 Dec 2022 08:36:01 GMT

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 706 B
1 KB 265ms
264ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4402078-1;4401999-1;4401273-10;4402065-1;4402149-1;4402175-4;4402093-1;4401942-1;4402019-1;4401946-1;4402245-3;4401947-1;4402070-1;4402050-1;4402021-1&
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2683/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10477inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 228c6c180aca3421e4b3c73d18ad536ac64482739c46fe52ed9b1ff49b2a52ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
cache-control: max-age=30
last-modified: Mon, 13 Dec 2021 02:46:50 GMT
server: 10477inhcdd10bf7c7468e873e79ba2ad134
etag: "iEY5MLshixC/ARtJhgJx1A=="
content-length: 706
content-type: text/javascript; charset=utf-8

GET
H2 200 541.png
is.vnecdn.net/objects/teams/ 22 KB
22 KB 166ms
163ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/541.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:44 GMT
etag: "5ffd059c-56ff"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 22271
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 530.png
is.vnecdn.net/objects/teams/ 6 KB
6 KB 328ms
324ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/530.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 72c24d7d5607ba05f79991c4b2da9e2f46e89cef8ab2f5bc868d64e3f0edefbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:41 GMT
etag: "5ffd0599-1663"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5731
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 85.png
is.vnecdn.net/objects/teams/ 29 KB
30 KB 328ms
325ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/85.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: ca6329d951be61f37f8e1267de5845600a9640d9a354e018caa32222408e6333

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:13:33 GMT
etag: "5ffd05cd-750a"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 29962
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 91.png
is.vnecdn.net/objects/teams/ 14 KB
14 KB 489ms
486ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/91.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 371080d3fd974b70490aa1c16818b065ad34d04ef36217edf836e710bfb82dd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:13:42 GMT
etag: "5ffd05d6-3875"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 14453
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 505.png
is.vnecdn.net/objects/teams/ 10 KB
10 KB 490ms
486ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/505.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: fad4494b6752b2c24e0d25b2234ffe7901e317c425e5e50ab6e90002292e2518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:14:01 GMT
etag: "5ffd05e9-27ea"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10218
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 490.png
is.vnecdn.net/objects/teams/ 7 KB
8 KB 490ms
486ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/490.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 96052ad58c7e617755b57da261f2496de4e32fbbf52314d7121234aad17c5086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:14:10 GMT
etag: "5ffd05f2-1dae"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7598
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 727.png
is.vnecdn.net/objects/teams/ 14 KB
14 KB 490ms
486ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/727.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: bbcb0ab0de80017508e91dbb9f5aac07fff7cfdd08107431745ca4c1300a3b4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:49 GMT
etag: "5ffd05a1-3817"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 14359
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 529.png
is.vnecdn.net/objects/teams/ 12 KB
12 KB 490ms
486ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/529.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 921329187f251f77c4eeaf04ff2f3189cff526837179ccad6b898304fe14e52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:46 GMT
etag: "5ffd059e-3045"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 12357
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 172.png
is.vnecdn.net/objects/teams/ 25 KB
25 KB 490ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/172.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: e29a30628c9f36c7e06fa43f2ff9892a248ab7dcb6826462750cf1d7358896a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:13:19 GMT
etag: "5ffd05bf-6411"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 25617
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 157.png
is.vnecdn.net/objects/teams/ 24 KB
24 KB 490ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/157.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: fd65871333f32a3f54174f62fb06282f9dcad18926ad1aaf575f8962f17bc7d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:13:09 GMT
etag: "5ffd05b5-5ff7"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 24567
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 55.png
is.vnecdn.net/objects/teams/ 11 KB
11 KB 490ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/55.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 48cae4cee758cced25c68bb6d0c4b1907b7a34034eafce848dba45e025f7cd3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Wed, 21 Jul 2021 02:59:36 GMT
etag: "60f78d98-2a8f"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10895
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 33.png
is.vnecdn.net/objects/teams/ 32 KB
33 KB 490ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/33.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 891522ce75d989b789bf28488295a58d5c0b41c58f2fea9b02529e824a2ad51f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:19 GMT
etag: "5ffd0583-80fb"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 33019
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 50.png
is.vnecdn.net/objects/teams/ 11 KB
11 KB 489ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/50.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 090f6609ab46ca56313d8ddf62ef2185fed4846b2271b77f5f5f95af5cda24dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:26 GMT
etag: "5ffd058a-2b70"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 11120
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 63.png
is.vnecdn.net/objects/teams/ 14 KB
14 KB 489ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/63.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 9f58f9f706d4adab425001292d9d0554fed85a3263dc4c1c667985c106c5a571

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:36 GMT
etag: "5ffd0594-3651"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 13905
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 42.png
is.vnecdn.net/objects/teams/ 18 KB
19 KB 489ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/42.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: ba273b85e8fe0043c3dad252bf5f782e67e1f2b43c8339f6393e4020cb4b7123

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:37 GMT
etag: "5ffd0595-4993"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 18835
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 48.png
is.vnecdn.net/objects/teams/ 8 KB
8 KB 489ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/48.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 5e9cf3eda820f1c00b4e557ca67d37caa4ccb68fc6aef181480bb1f268d8f078

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:30 GMT
etag: "5ffd058e-1fd2"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 8146
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 49.png
is.vnecdn.net/objects/teams/ 27 KB
28 KB 489ms
487ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/49.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: a4353df0d45673ae0685be75ad1345ad25b4786d92775932761d45bd21175e47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:27 GMT
etag: "5ffd058b-6d9d"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 28061
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 45.png
is.vnecdn.net/objects/teams/ 8 KB
8 KB 489ms
488ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/45.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 5593c1a7d556493f516d7ef888544dde628036c19ef620de2e051add6160aa96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:27 GMT
etag: "5ffd058b-206a"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 8298
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 40.png
is.vnecdn.net/objects/teams/ 29 KB
30 KB 489ms
488ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/40.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 73aadd2c014d9748e4ef42aad4b2ad4c89b249d56dda7a6e2a8fc3ccf2b932f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:16 GMT
etag: "5ffd0580-75bc"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 30140
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 34.png
is.vnecdn.net/objects/teams/ 35 KB
35 KB 489ms
488ms Image
image/png 111.65.251.70
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.vnecdn.net/objects/teams/34.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.70 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.edm1.gatemail.vn
Software: /
Resource Hash: 2b74f77780559a9a8a9d8b1f2b1ae61a052c788a608d045a74b985ebc69e4f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:01 GMT
last-modified: Tue, 12 Jan 2021 02:12:29 GMT
etag: "5ffd058d-8c91"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 35985
expires: Wed, 14 Dec 2022 02:47:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 78ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 66ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 75 KB
22 KB 275ms
260ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=77733819889399&correlator=3221755973877026&output=ldjh&impl=fifs&eid=44756717&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CMasthead%2CHome%2CLarge1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F4&prev_iu_szs=320x50%7C1x1%7C728x90%7C900x225%7C970x250%7C1200x150%7C1800x180%7C1920x270%2C320x50%7C1x1%7C300x500%7C300x450&fluid=height%2Cheight&prev_scp=hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D524d4eb9091cfe9%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D524d4eb9091cfe9%26hb_bidder%3Dappnexus%7Chb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D5306e580c889165%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D5306e580c889165%26hb_bidder%3Dappnexus&eri=1&cust_params=article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D0%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1639363621&dt=1639363621478&dlt=1639363619667&idt=340&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C1050&adys=-9%2C392&adks=1832943895%2C1680299014&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C300x0&msz=0x-1%7C300x0&ga_vid=943032122.1639363619&ga_sid=1639363621&ga_hid=1925925258&ga_fc=true&fws=2%2C4&ohw=0%2C300&btvi=-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

888f8d0fca69976da8e4be4a740234cbb131df093e28dc6f7102eefdf0a4ebd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 174966
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22194
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: 247951
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F34D 6 KB
4 KB 65ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 02:47:01 GMT
expires: Tue, 13 Dec 2022 02:47:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 220ms
219ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=77733819889399&correlator=232615059811463&output=ldjh&impl=fifs&eid=44756717&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CLarge2%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C300x250%7C300x300%7C300x500%7C300x540%7C300x600&fluid=height&prev_scp=hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D54cba81d0006022%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D54cba81d0006022%26hb_bidder%3Dappnexus&eri=1&cust_params=article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D0%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1639363621&dt=1639363621494&dlt=1639363619667&idt=340&frm=20&biw=1600&bih=1200&oid=2&adxs=1010&adys=4216&adks=4260787118&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x250&ga_vid=943032122.1639363619&ga_sid=1639363621&ga_hid=1925925258&ga_fc=true&fws=516&ohw=340&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

48016cb19faa2b9168a3957ece98bbb918a03bde9721b8aa00c88fcba35fefc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 174966
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10392
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 247951
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 48ms
48ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=77733819889399&correlator=3871611094977792&output=ldjh&impl=fifs&eid=44756717&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CRichmedia%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1&fluid=height&eri=1&cust_params=article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D0%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1639363621&dt=1639363621496&dlt=1639363619667&idt=340&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=4664&adks=3988550624&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=943032122.1639363619&ga_sid=1639363621&ga_hid=1925925258&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

93d5bd9fea8a05a0f4d9d8254adf3cd1f42da3ba212b2ecb5f2fe96049e0f2b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8977
x-xss-protection: 0
google-lineitem-id: 5632170936
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138341523710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7547 0
0 43ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut1J6CW1djqgtMwyS6R-7VrCb95m7RI7aWv4ZaZeLDiTI7RtmYXZh8Y9Noan4PQTGPGgeuu1wwZayV1dbDEK-FuxxdaiOzdT_bmkX4Kxid_2R5_MQPnSVYa2_yq8fPuWmGTi2XuNxvtYRB2vH1To5vOn2kHZavZIPJHcP7ZjAfPSFGJgz_-fjPVrNu2x7Yrx48HvGTtS5Fhd2BzGF_vdOqsmhRcDPGUsXwj-Oz4gBS9TtO-LagkEPtKjkEW-cekMnUt02JtSpEA6MMq6ACd-4KbhqGNAfm3XvRSMPQep4ir0tW0GwJFjBJx7x9ErxD-AzR0kLx1_UYne0k8S9t1eqw1UI&sai=AMfl-YReVcoMLh1hiamUoMi4nRm20Eox40GgseSgA9-x7d1iuBjdNOXMGjimmJ3NGM2ZoN7lFA3XZsjuDmvLsbvu8Zd9S0yPnSbhIGP333p9OnYJsllv74ZRRahYpYPMmNA&sig=Cg0ArKJSzMbEB5DFiTO4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7547 78 KB
26 KB 24ms
24ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1069 / 264 of 1000 / last-modified: 1639177483"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 7547 76 KB
30 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5TN3T5

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29265ec9b5eb66be0156f5c71b9784fee2cd3103ccd4091d1a502ffc5e522c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30654
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7547 119 KB
36 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7547 90 KB
35 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-44808995-10

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TN3T5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fb5660fb6dedf46bdb86a0ac34a3e91cbbe26b62cdfea7b1fca538c87f9b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36218
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7547 348 KB
117 KB 15ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
DATA 200
OK truncated
/ Frame 7547 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de36247ffcdf67ad1e14963ea8997045885a594337635c59d8b78428893e8a3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7547 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-44808995-10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6355
date: Mon, 13 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 03:01:06 GMT

GET
H/1.1 200
OK optimizes.js Show response
optimize.urekamedia.com/ Frame 7547 21 KB
6 KB 804ms
252ms Script
text/javascript 125.212.217.26
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://optimize.urekamedia.com/optimizes.js?m=1874508&apnx_segment=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TN3T5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.26 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.12.2 / PHP/5.6.40
Resource Hash: 06d04081124877665da7c29904fb3b4678c221aa3994f65de59cb5e795ab027e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:02 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Expires: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7547 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7547 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7547 18 KB
8 KB 54ms
53ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1326642466964924&correlator=1886711887329249&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=2627062%2CUreka_Supply_ov.vnexpress.net_SliderPC_1x1_230221&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D48bb9eecc92e9e6b-221cdc8d05cd0089%3AT%3D1639363621%3AS%3DALNI_MZTqzlCOEAn31NvrdinDKpS5lcu7w&cdm=vnexpress.net&bc=31&abxe=1&lmt=1639363621&dt=1639363621676&dlt=1639363621559&idt=108&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=2&adxs=800&adys=4680&adks=2652662923&ucis=47m3q7cd7ml9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x-1&ga_vid=943032122.1639363619&ga_sid=1639363622&ga_hid=694787720&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c1a4f2634149168f111a0e7e8d74a7732dd0e436bbe1dee2726f5b2b9fb4d3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8486
x-xss-protection: 0
google-lineitem-id: 5655931394
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344528633
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
364187f7114c8ddc8da01761c316e14f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC07 6 KB
3 KB 29ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://364187f7114c8ddc8da01761c316e14f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 02:47:01 GMT
expires: Tue, 13 Dec 2022 02:47:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 7547 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=694787720&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1x1&je=0&_u=QACAAUABAAAAAC~&jid=1910152401&gjid=1317864221&cid=943032122.1639363619&tid=UA-44808995-10&_gid=234492645.1639363619&_r=1&gtm=2ouc10&z=271207220

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B705 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 02:47:01 GMT
expires: Tue, 13 Dec 2022 02:47:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 49B8 0
0 42ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbO-F4a3mRsk3qb_-AdBZ02rwzQsYFVYtRmP0TSF6ZNeGJ0yNyaCDrjWmlK5bNJQj0jn0BR4stt2T_x-Y7XcrF83t7RmEAHANEXYIp1pdEoyEJYjv1wCVwcbkDuHz3AfIzP7NNePv0x_6Vx-p3SLuLkqpz8vLrOSSx6W2M38pFewoSEQ-njFUJBBjFZBZ0NMxPOVYFy7yi4fGpfVM3zQnS_t8yGDYeWuh5a3NBdgCZpgRDKg4NBkz56_cKPruZu-GoK2sh2AeynFpjpZuBJAcR2VT8P2cl8cSKLdeHlt96iN9ku2hW5Fl6Q18YZOsPg3vhetfjuayyXc03xNdeLDsBGAxLbPdbeASMrQ&sig=Cg0ArKJSzLGcs5KWO6zPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ani-uk-slider-vnexpress.js Show response
solution.urekamedia.com/vnexpress.net/ 6 KB
3 KB 46ms
17ms Script
application/javascript 2606:4700:3035::ac43:ad49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5757d8048bc223b97d83307e460f862d4d9257e8150bd5241068e42e34cd38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5199
cf-polished: origSize=9388
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 07:46:34 GMT
server: cloudflare
etag: W/"24ac-5d1ac4a426a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYPWMCXV15O5GaQjokomi3AL0pjPqUr%2FXTKdWSqf2keB%2B3XxWJd5BjWGzyuA62FxcNTWAFJvJ%2F7%2FIzHG0HFVlJouCTrJKjw9q2h4UL7xTr9SEQgnOYUHII%2BpJnNDbrtVib6ClOIIgkuMx81dTZVSx97Lo5FmgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6bcbdd8c3cfa05bb-FRA
cf-bgj: minify

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49B8 119 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 61ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Dec 2021 02:47:01 GMT

GET
H3 200 container.html Show response
3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5A80 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 02:47:01 GMT
expires: Tue, 13 Dec 2022 02:47:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame E7B8 189 KB
54 KB 76ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 460808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:46:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:46:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame E7B8 13 KB
6 KB 74ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 447685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 22:25:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame E7B8 89 KB
28 KB 83ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:16:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:16:31 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame E7B8 5 KB
2 KB 82ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 128666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 15:02:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 15:02:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame E7B8 40 KB
13 KB 81ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 21:51:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 21:51:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E7B8 6 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 02:35:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 02:47:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H2 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E7B8 3 KB
3 KB 44ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Dec 2021 16:00:38 GMT
x-content-type-options: nosniff
server: cafe
age: 38783
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
expires: Mon, 13 Dec 2021 16:00:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E7B8 344 B
807 B 43ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 72047
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 13 Dec 2021 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E7B8 0
0 33ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTh87u2gsdXXWiTO2miLjOf1fLaTB1SgWNn_2XP7FwusRB6DaKHe9cLvcuK-4vOeuC2sDFG
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E7B8 0
0 25ms
24ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnBwjJbS2YZWjIZvJ7_UPw72DmAWmjOSEZ4ummLzzDpaCzYWIFhABIMfHnyNgldKIgpgHoAGE8pORA8gBCakCuSqPfcL8sj7gAgCoAwHIAwqqBOEBT9DlOWuei4724uWTCXy801LP9i1ZAQqbeJ_W-8HlBW6h-zNBWzKfzW3uI0rinBTxngkscpWFAiKMUdwNn1lmsFYoWVxeVSPIBbLYllCIWEEeG0fb25Sm649aKF9yl9uMvZO2c6EQCGAayGNe6L5MHJGDIq-WhqyZbvJenubOGnEBtb8sQDnlGiVmtZg1-nWYOTa5Zx12uAr-KFKH2la2EIeQnx_raG1WAeN393CPizUdITXnA3tWJTyHgdiFCVDxHtHWtFSj_qeoxA6B_7sWD-vvpwsSRmbLP_9CXWOYnsNuwATokrTQ5QPgBAGSBQQIBBgBkgUECAUYBKAGLoAH2u7AdagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcDEPAu0ggJCIjhgHAQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTE0ODEwMTk3NTQxODQ5NTUYz7MT&sigh=2NMz-D42Flo&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 49B8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02772910bcc51ff0c2c0c6143200b527af322aab3c3a966223901f0d25f79842

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 49B8 0
0 58ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1_BSCK-jYUKjW0ruv7zT1ZD0D96fYODDlZkORVXpYI4adO3f_dtodcAd1_bQt5fP3RWaYEI0OUGWRuZOL4MPbR039j8FhwaB2MRXioHcA6xqeQ8Ywa7lzCAV2X8kxgESzQaGo3EZQT3KLWQZQHaEDqFGhh8Pbr6j55Vuddq4wpx5Iu0ZFskNXMm9E1msuEazYYk2bRq4GWt1RBMrkl_8cGXCFkOB3MwgA67GidSFh_LG-XNkftrklsevvNQutlQXd45qgwjo_HZa4w8UGqbkAFIoTMzI603VqFCTceZfLuIlH8hiLkXNGhor5w33-k2WwZAXEBJiAZD4BgHtMcpYFOx_v7YicIimLrvkj&sig=Cg0ArKJSzLjm3p9S3ovBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B705 0
0 20ms
19ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNiN2JbS2YZOfIaGP7_UPwtu1aP7T969czs-92OoCwI23ARABIABgldKIgpgHggEXY2EtcHViLTE0ODEwMTk3NTQxODQ5NTXIAQngAgCoAwGqBOoBT9ANedoWdcdUXlk1A6tZJkcU9jQfBJlIpmqTmmL3CQzBiBV-P3bYotVhP8grW28naggbdbjDfJX1AKjoqJf0-NMzzkUMBkHSTveUgtE8_aGAkMLiTIloSPFTO9JXPhTWCpXNrRGwWp2eR69TTXsze5fV9hCgA-qkS6ZDUqrowt0cUUaQv6ss7SQGO5mm0usrKIasx5kZDVdQHzlvt-Nsqki1vL6gcDb-MP7fYnYl4BtCQuFXHvxyhQGlV2tHWBV4pdVZJ582XKzeI9_YPsMUzTrOHljOnBDripxPUEjlD5_O_YM9wPNx9l1S4AQBgAbDwo3-0LOFpimgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xNDgxMDE5NzU0MTg0OTU1GM-zEw&sigh=VqUhUK0zHok&uach_m=[UACH]&cid=CAQSPwCNIrLMouKQUSQijIhVu72pqB54VtrtpnxYTgppTIPZMp_i9JicGJHo_UH_YkzdxbE7eMldcw8TwqfmoAKnxxgB&tpd=AGWhJmt0jIwftNuERkQ7-bsTEV0hg8dqxpOPjltODqK63Oy58ky4w18qCFMKHlZmq2WufUmVluVbRSnu0pC9ELDph_RkU88-FPrRd-pxxPXmerK25Cc1j_9jt2XDHzsyRca7FUey2lSyd9ela3s1NJZRSKk5gta0JrDY6fC7hl0vbT2hiyzy8l90_7U7ZDFwTXgT-h-CLq6WsmqPip9XgZhNpT59igPYhKsN2q4ZhgDlFRKD9zgylRlvVqDRrKSc-usmVMV-dlkZZ4O7ACV_Y0XzMXXrHm4j_SgzpW86PbHEoU1BS0YsHt2hw1wm32sEp3NdvAdZ_gs2g2mH_DzL8c0X9xGE-s-S0sI8BuDSOi7c1DOWRYsSkpKDllAbq5RlNLRMFDYQ5VkzTz_VVKpD-Mn4uZaeR52cTm7gf-su8Z8gJhB38FLWdQmKBnLzJ_xCWj4YxTsSPeGUPwWqmITsiK6XNqvbeQ3ESoPj99u_T1BN3vfBA2atMRvbbRNe_G1muEVjxGOgyiV0JfFfSBTv2E_uwCoslgs7KyrN9HERdndbfge3FSDUm1d-Je3cVu5NWeQhLjeHAq667xCAdZrxWvM-S7f8tj0VDZZ0vRq6LcBo0JziclVaNcTkHsHrV-by15_O0JEs79TUxRUSPweWRoUfJ8gHzhXinRDkEtQBT00c0Fgt2RwGF26FF8omEtj0Is6U0zaTiDIYxbWOf2Uif3Ltdk3fYB6RcfnriL9MpXhK_mgTZXvuLZBXyyxQKKq8ENMkkdz0m2LhRXkq1qDi9Q
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B705 1 KB
1 KB 80ms
19ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=44725532;rtbwp=3E00E840664DFCBE;rtbdata=oQ0n-kCH7kbMHcOD_mSBBnNQhIdoX2C5i8E_j2yW20TuOGHDa0I9_DLk0i9HoPpcR2Vhx4h2U1k2GmCFChD13uXkSGRih8ezQCXkWdcYkFEzxtfA3LuWWgfYkKlA_o9krsAYXAm9Lm0V0p96jSbg3yF0DOP3R7QMyyAsfuI-gDRhYFWQzuWLY5NCV9EyPq90irT7PdiMiznaFaDA9C1y1kn94sIlSbZanMVfXMTe8FcwSAYd8lUXEX3p-QJTha9VlOE6sDvd2rvblsPWZfQpE4kIXt1Q3KpzwINWA_fxNBE5g8sB41FKPOFlQ71uo_wvA2iPZ3TtafKZ0JH_Y9eLMhu13xEhcsGnIguEsyXahWFXigfSJSZb3Z-4S0TaEX4Bn7hLRNoRfgHNV0xHhkYVpJpXbQjv-24iQeEimShqzcc1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/f6ee75e3-9787-4d76-988d-7d340a9b1e99/

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c4d44dd53ce68ab321ca0e4000525b444b0858ac480a5beb94c924e51db70d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1118
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B705 2 KB
1 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 01:43:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B705 119 KB
36 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B705 15 KB
6 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 02:03:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B705 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuAssNTC4EE9qddaIHgNGwwT-exULCU9_VmJQxLx8NJWjl-rnowGAvyO3e5nc52_mvXoYh
Requested by: Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B705 22 KB
7 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 15:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 11 Dec 2022 15:31:07 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 27 KB
10 KB 57ms
7ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: solution.urekamedia.com
URL: https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 7b97fdca40040900c32d349b9e5a352210e5d704dba6e6b8643c3b81d1cd9a4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtgsxVH0nVxddIKidoBztu5xZI8xXxqHiYhmuNHefMJoE6vUo0UT1Dw-7zSvmEqRisjRCkj6LwqDjdiwFGsww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9567
last-modified: Sun, 12 Dec 2021 09:10:38 GMT
server: UploadServer
etag: "eb4ec8209af99999e3fea6ed254dc1de"
vary: Accept-Encoding
x-goog-hash: crc32c=f7Tm8A==, md5=607IIJr5mZnj/qbtJU3B3g==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1639300238280122
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9567
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 02:52:01 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 329ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5e63d10e28a0614d2b01395e&cid=5ea26963e792ea55c7264da7&e=playerLoaded&cb=1639363621870
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5A80 0
0 18ms
18ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPllNJbS2YZSjIZvJ7_UPw72DmAX-0_evXM7PvdjqAsCNtwEQASAAYJXSiIKYB4IBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1yAEJ4AIAqAMBqgTtAU_QBxYvnIwPJzjdJdI3_UuR0qMlCYk9nNhOJqMs7-PF71Xv3GgZf5tfmPDBHRww_Jc5XMeEu-GOU1w_iRUjn5-l4zGozRno-YBoflVSRdgHzVaRjbCIiacyY96V1P2lGamRpaMpRyCr_tVLGoGEyjHRC3lKBjLfUj2wcwng1gw3wIHg3FFTUzXQ6dcxLi_GQkl5UcbFcXnbfe71IKDDQM3t0xeQx16hJX4BVv1reLiRrOUrTE3wIRRByahH0XRlnDnu-jBWBmL6RwWg5g6DcsYEgx5A510ZoRq4CDjWgTgS6kDM_NVeKiI1zNVKTeAEAYAG5fDVlcfd_4K2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTE0ODEwMTk3NTQxODQ5NTUYz7MT&sigh=lY6YWTedNtY&uach_m=[UACH]&cid=CAQSPwCNIrLMjoRFwOYwobLW8obaO7HCMTOy_jZ0fJ3E-AVhp1kfmHGu1VwWtl_YYiydfsoWtrJxZXsWEktyBwvNlhgB&tpd=AGWhJms90c_99AG64MS3sJuLOU4iQ9uCIYIf_wBZnrCfObYXz33mW0sPUsrus4l0J0y8Iws7DNcpL7eK5Wo8MRdNgzfOrX73u6RXBHVunj-7vhWQ_qSirsTLOiVOmku2c7t1-GTuiAMkL8iNMAASiG-t5u1m-V-Oib8JSJ-zgE0HVlwIPQO0olL0ApK6iIbnIc5-P48PCwwfvuO4ve7lcnB0LzxMMbFg7ac69IeYLYKaGRcRN4pOPLbBM7cHXGF02dgZg_E2HQSsQROL5KeRDKNmMV_j1j1EQFZhSpIuYkJesstritdNfN4nkMznYzCc6ChcRay-N4voVFgvaKPq7Zh9B5gJkW_Nfyt7DHUoyo5eulzrVcuX5Ks5nKqw2KQs9LtliHVr9wHqJ_Il54MvHYzCCilykhDo1zhGx2anGSHbPVhP6jjKbfDnIYVgiEC-1ocgenSGr_wTqNOpJU0rDKCYf0TCCc9eNkrV6mIbcJRjXPSYKCx4bM7ZDpkIpVO_KQ1X0a6nI8czqvGt0VUTvu_Ikn5CWyFCVbz5WFOGZUdqp_jWW9VyCS41Ndq1Qy79Pefr6gBC6tqLE6szcnReMMGBuUvYvT1jAGWUKcBcK2pQd89Eof2ioUUHncr8V8nYb_t4sBzoifmrUJyHQR5TYI2tC1MVb0sUA1A__LvqggznK2OxUKppY_ZdSlvcMkCZX8rnQke0ySJOAs624uCyOSZ--7govpQN7nEp0kR70T2SBQgSZYv6j0i2D5z0oCj2wWwcb02Jk8rJUQOv7WccVMJST9ySUHVwXSbzBs2vGi0eOzxZwMKTFN2maLKnzaQ5EKja31uB5NPw1M5dpUMt7OVLi9wJdPmqEAhGXkm3OYliKKee7aFH7nPKZ1ThqFy3J5rOVqES8F4irx84FUik
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK kb4bf373gyzl Show response
ad.ad-srv.net/zone/ Frame 5A80 10 KB
3 KB 27ms
8ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/kb4bf373gyzl?subid=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D42ef94b3-91e3-4b11-a9c2-c0e64477c35c%26ag%3D18izhwm%26sfe%3D13ee3425%26sig%3DHKT6Vvofah4cr9PI3Obb_ujKGQ5tP3z-L9OlbTPYVuA.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dvnexpress.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D27%26agsa%3D%26wp%3DFED9B6D1B3C058CC%26rgz%3D85777%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21390%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.31%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgdCYXZhcmlhGgAiDUZhaHJlbnpoYXVzZW44AVAHgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F27973503%2FOV.Vnexpress%2FDesktop%2FMasthead%2FHome%26pcm%3D1%26ict%3DUnknown%26said%3D0c82ba459a910f151e063f398c20aaa3c4cfc538%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: eb3b752af7a41e373b61f985ed90f65cd0d4f1e1a33ffdae065c503a25a33812

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3212
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame 5A80 807 B
1 KB 43ms
10ms Image
image/gif 76.223.26.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=42ef94b3-91e3-4b11-a9c2-c0e64477c35c&crid=d1fscc88&wp=FED9B6D1B3C058CC&aid=1&wpc=USD&sfe=13ee3425&puid=&tdid=&pid=xnw5wf7&ag=18izhwm&adv=jh293ro&sig=1cn0wvHEPtIwboYZr1nMe6-L3-0bLriCg3QpNtwYrsMQ.&bp=0.11318503829615&cf=1043467&fq=0&td_s=vnexpress.net&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=27&agsa=&rgz=85777&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=21390&did=&rcxt=Other&lat=48.240002&lon=12.510000&tmpc=2.31&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EgdCYXZhcmlhGgAiDUZhaHJlbnpoYXVzZW44AVAHgAEAiAEBkAEA&dur=&durs=UJSBm-&crrelr=&ipl=/27973503/OV.Vnexpress/Desktop/Masthead/Home&pcm=1&grdc=CAEYASABKAFAAUgC&cx=-5178883614526245302&said=0c82ba459a910f151e063f398c20aaa3c4cfc538&ict=Unknown&auct=1&cxlvs=0&im=1&mc=eb3a6600-181c-47ff-86ff-3c8ee849fe5c
Requested by: Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ad9411418cf2cdacd.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:01 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: must-revalidate, no-cache
connection: close
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 5A80 27 KB
9 KB 418ms
379ms Script
text/javascript 13.224.96.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by: Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-51.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: c0d9156b1841ba8c36c6255ac80803a54892eea8ca52cdb6615c0bdb196dc515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: sreBUwTxBjcbk4O-or1nQ5bbOrXO1W_DS1SopYGxh72dbPWrKFt33w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5A80 2 KB
1 KB 21ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 01:43:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A80 119 KB
36 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 02:47:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5A80 15 KB
6 KB 20ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 02:03:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5A80 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6nWnfxUx242_tV_8qrGuUiP9BxbFYtYshKk7VsNyAXvu_Sj3UQy9xxq5A_0K4fJgQskdC
Requested by: Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5A80 22 KB
7 KB 22ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 15:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 11 Dec 2022 15:31:07 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 54ms
16ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:01 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Dec 2021 02:47:01 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/9823031714400561752/ Frame E7B8 41 KB
41 KB 15ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9823031714400561752/2076313506083323656

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a674a51f9a0636427ae8a6d2be46a5cfff001194f523324127a7383f7a734c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 01:23:23 GMT
x-content-type-options: nosniff
age: 350618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42008
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 15:48:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Dec 2022 01:23:23 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3362155301219044748/ Frame E7B8 2 KB
2 KB 19ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3362155301219044748/downsize_200k_v1?w=100&h=100

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d68886e9024a07c1984e876c26fd176de5dcdfe9ccbac1e0fa3385ca4ca11e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 21:29:14 GMT
x-content-type-options: nosniff
age: 278267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1734
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 08:17:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Dec 2022 21:29:14 GMT

GET
DATA 200
OK truncated
/ Frame E7B8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E7B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a512c6991071ee2b53331c5bedd46a813792fdb76e669789833c54c8e26b6f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E7B8 15 KB
16 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vnexpress.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 455946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E7B8 15 KB
15 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vnexpress.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 401064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 11:22:37 GMT

GET
H/1.1

200
OK

request.php Show response
ad23.ad-srv.net/ Frame 5A80
Redirect Chain

https://ad23.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=be5898a71e&subid=&uid=0e76ac84f788d47f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x9...
https://ad23.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=be5898a71e&subid=&uid=0e76ac84f788d47f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x9...

2 KB
1 KB

41ms
29ms

Script
application/x-javascript

78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad23.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=be5898a71e&subid=&uid=0e76ac84f788d47f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D42ef94b3-91e3-4b11-a9c2-c0e64477c35c%26ag%3D18izhwm%26sfe%3D13ee3425%26sig%3DHKT6Vvofah4cr9PI3Obb_ujKGQ5tP3z-L9OlbTPYVuA.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dvnexpress.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D27%26agsa%3D%26wp%3DFED9B6D1B3C058CC%26rgz%3D85777%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21390%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.31%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgdCYXZhcmlhGgAiDUZhaHJlbnpoYXVzZW44AVAHgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F27973503%2FOV.Vnexpress%2FDesktop%2FMasthead%2FHome%26pcm%3D1%26ict%3DUnknown%26said%3D0c82ba459a910f151e063f398c20aaa3c4cfc538%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=https%3A%2F%2Fvnexpress.net%2F&ancestorOrigins=https%3A%2F%2Fvnexpress.net&random=4308315398306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 5b7bef722c0c3519daed4fe5e8df94aec8afab3aebac12e7f5ac90b1e1da6d8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 53583000009985000003104011807023
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 731
Expires: Mon, 13 Dec 2021 02:47:02 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=be5898a71e&subid=&uid=0e76ac84f788d47f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D42ef94b3-91e3-4b11-a9c2-c0e64477c35c%26ag%3D18izhwm%26sfe%3D13ee3425%26sig%3DHKT6Vvofah4cr9PI3Obb_ujKGQ5tP3z-L9OlbTPYVuA.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dvnexpress.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D27%26agsa%3D%26wp%3DFED9B6D1B3C058CC%26rgz%3D85777%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21390%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.31%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgdCYXZhcmlhGgAiDUZhaHJlbnpoYXVzZW44AVAHgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F27973503%2FOV.Vnexpress%2FDesktop%2FMasthead%2FHome%26pcm%3D1%26ict%3DUnknown%26said%3D0c82ba459a910f151e063f398c20aaa3c4cfc538%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=https%3A%2F%2Fvnexpress.net%2F&ancestorOrigins=https%3A%2F%2Fvnexpress.net&random=4308315398306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 13 Dec 2021 02:47:01 +0100

GET
H3 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E7B8 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Dec 2021 16:00:38 GMT
x-content-type-options: nosniff
server: cafe
age: 38783
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
expires: Mon, 13 Dec 2021 16:00:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E7B8 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 72047
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 13 Dec 2021 06:46:14 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame ED80 365 KB
103 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0092b2b2a89deb98cb1a154fa658a05a85fb13c18cb8473f1c19b4eded77f9b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduPkGI6zRbKh9Bp6Sa56jwJQQakWB3RUQ1DVt2sOWY5XDSb3tP00Ksntsg8IZvkO9SGESWjcp4YdV8xctKnNCvIPeKqzA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 105169
last-modified: Sun, 12 Dec 2021 09:09:43 GMT
server: UploadServer
etag: "89cb1bd7c45e3ebc8adc7440dc66b75a"
vary: Accept-Encoding
x-goog-hash: crc32c=b4Z3JA==, md5=icsb18RePryK3HRA3Ga3Wg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1639300183361749
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=300
x-goog-stored-content-length: 105169
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 02:52:02 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame B705 33 KB
16 KB 94ms
18ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44725532;rtbwp=3E00E840664DFCBE;rtbdata=oQ0n-kCH7kbMHcOD_mSBBnNQhIdoX2C5i8E_j2yW20TuOGHDa0I9_DLk0i9HoPpcR2Vhx4h2U1k2GmCFChD13uXkSGRih8ezQCXkWdcYkFEzxtfA3LuWWgfYkKlA_o9krsAYXAm9Lm0V0p96jSbg3yF0DOP3R7QMyyAsfuI-gDRhYFWQzuWLY5NCV9EyPq90irT7PdiMiznaFaDA9C1y1kn94sIlSbZanMVfXMTe8FcwSAYd8lUXEX3p-QJTha9VlOE6sDvd2rvblsPWZfQpE4kIXt1Q3KpzwINWA_fxNBE5g8sB41FKPOFlQ71uo_wvA2iPZ3TtafKZ0JH_Y9eLMhu13xEhcsGnIguEsyXahWFXigfSJSZb3Z-4S0TaEX4Bn7hLRNoRfgHNV0xHhkYVpJpXbQjv-24iQeEimShqzcc1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/f6ee75e3-9787-4d76-988d-7d340a9b1e99/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 14 Dec 2021 06:14:05 GMT

GET
H2

200

onepixel.gif Show response
tracking.mlsat02.de/ Frame 798C
Redirect Chain

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=53583000009985000003104011807023&gdpr=&gdpr_consent=
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1639363622_&cachebuster=1639363622&awv=11430_473322_1639363622_f3052fc0-5bbe-11ec-864...
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTM3NTgwMjI7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzkzNjM2MjJfZjMwNTJmYzAtNWJiZS0xMWVjLTg2NDMtMjI2MjNiZD...
https://tracking.mlsat02.de/onepixel.gif

43 B
129 B

15ms
14ms

Document
image/gif

51.178.130.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.mlsat02.de/onepixel.gif
Requested by: Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=be5898a71e&subid=&uid=0e76ac84f788d47f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D42ef94b3-91e3-4b11-a9c2-c0e64477c35c%26ag%3D18izhwm%26sfe%3D13ee3425%26sig%3DHKT6Vvofah4cr9PI3Obb_ujKGQ5tP3z-L9OlbTPYVuA.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dvnexpress.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D27%26agsa%3D%26wp%3DFED9B6D1B3C058CC%26rgz%3D85777%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21390%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.31%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgdCYXZhcmlhGgAiDUZhaHJlbnpoYXVzZW44AVAHgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F27973503%2FOV.Vnexpress%2FDesktop%2FMasthead%2FHome%26pcm%3D1%26ict%3DUnknown%26said%3D0c82ba459a910f151e063f398c20aaa3c4cfc538%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=https%3A%2F%2Fvnexpress.net%2F&ancestorOrigins=https%3A%2F%2Fvnexpress.net&random=4308315398306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.130.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3169999.ip-51-178-130.eu
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 02:47:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 02:47:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
P3P: CP="NOI CUR OUR STP"
Location: https://tracking.mlsat02.de/onepixel.gif
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Content-Length: 20
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK request_content.php Show response
ad23.ad-srv.net/ Frame FE39 3 KB
2 KB 18ms
7ms Document
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
Requested by: Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=be5898a71e&subid=&uid=0e76ac84f788d47f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D42ef94b3-91e3-4b11-a9c2-c0e64477c35c%26ag%3D18izhwm%26sfe%3D13ee3425%26sig%3DHKT6Vvofah4cr9PI3Obb_ujKGQ5tP3z-L9OlbTPYVuA.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dvnexpress.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D27%26agsa%3D%26wp%3DFED9B6D1B3C058CC%26rgz%3D85777%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21390%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.31%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgdCYXZhcmlhGgAiDUZhaHJlbnpoYXVzZW44AVAHgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F27973503%2FOV.Vnexpress%2FDesktop%2FMasthead%2FHome%26pcm%3D1%26ict%3DUnknown%26said%3D0c82ba459a910f151e063f398c20aaa3c4cfc538%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=https%3A%2F%2Fvnexpress.net%2F&ancestorOrigins=https%3A%2F%2Fvnexpress.net&random=4308315398306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 1ad33e796747efa6a1803f7d0ca50d1b3b8be4f453df10136934378ee733a435

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/

Response headers

Date: Mon, 13 Dec 2021 02:47:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 13 Dec 2021 02:47:02 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1210
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 track
track1.aniview.com/ 0
70 B 137ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=3&d36=6.1.2.91&apppkg=&fv=3&proto=https&pid=5e63d10e28a0614d2b01395e&cid=5ea26963e792ea55c7264da7&stagid=&stplid=&e=inventory&vi=100&cb=1639363622062
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js Show response
bd.urekamedia.com/publishers/code/vnexpress.net/ 1 KB
886 B 31ms
22ms Script
application/javascript 2606:4700:3035::ac43:ad49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293580
cf-polished: origSize=1072
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 12 Aug 2020 08:34:21 GMT
server: cloudflare
etag: W/"5f33a98d-430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgT%2BxS8jLigthAVkuNokX5hBpH8mn%2Bqkq%2BSne6W2lQjo8vhxZxf1FkpnFxvAjKGnAH5yfrBYtyOEWcr%2BgtNX4VXdifARWyvbij1WoWpZ2jI4hZ0FpkTJOfCIgknuWNaHVILLKkP8vPng%2BJ4onmSYUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6bcbdd8e4ed105bb-FRA
expires: Sat, 08 Jan 2022 17:14:02 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/3/ 42 KB
6 KB 399ms
173ms XHR
application/json 35.172.120.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/3/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&AV_CHANNELID=5ea26963e792ea55c7264da7&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=3&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&d36=6.1.2.91&sver=1&avtoken=622062&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1639363622115
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.120.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-120-178.compute-1.amazonaws.com
Software: /
Resource Hash: 571d62c5d7f9299dab4e927be3735497746bff61d2acb5ea4ca1558d6cdd1513

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 01 Dec 2021 13:00:22 GMT

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame FE39
Redirect Chain

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950...
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&...

1 KB
1 KB

19ms
19ms

Script
text/javascript

37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad23.ad-srv.net%2Fc%2Fp5bkb3hwgnxnwnv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Requested by

Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151

Protocol

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ee29c60365e2157a9bdc77ec6e31f5311bb8c58459ac96e91f960c02f9c7260e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 825
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad23.ad-srv.net%2Fc%2Fp5bkb3hwgnxnwnv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame FE39 0
0 13ms
13ms Image
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.awin1.com/cshow.php?s=2950366&v=11430&q=361931&r=473322&pref1=53583000009985000003104011807023&gdpr=&gdpr_consent=
Requested by: Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
ad23.ad-srv.net/ Frame FE39 0
150 B 22ms
9ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad23.ad-srv.net/viewability?s=53583000009985000003104011807023&a=99c94495&vb=m
Requested by: Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame B705 5 KB
3 KB 20ms
20ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=44725532;rtbwp=3E00E840664DFCBE;rtbdata=oQ0n-kCH7kbMHcOD_mSBBnNQhIdoX2C5i8E_j2yW20TuOGHDa0I9_DLk0i9HoPpcR2Vhx4h2U1k2GmCFChD13uXkSGRih8ezQCXkWdcYkFEzxtfA3LuWWgfYkKlA_o9krsAYXAm9Lm0V0p96jSbg3yF0DOP3R7QMyyAsfuI-gDRhYFWQzuWLY5NCV9EyPq90irT7PdiMiznaFaDA9C1y1kn94sIlSbZanMVfXMTe8FcwSAYd8lUXEX3p-QJTha9VlOE6sDvd2rvblsPWZfQpE4kIXt1Q3KpzwINWA_fxNBE5g8sB41FKPOFlQ71uo_wvA2iPZ3TtafKZ0JH_Y9eLMhu13xEhcsGnIguEsyXahWFXigfSJSZb3Z-4S0TaEX4Bn7hLRNoRfgHNV0xHhkYVpJpXbQjv-24iQeEimShqzcc1;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2ff6ee75e3-9787-4d76-988d-7d340a9b1e99%2f;js=1;adfxid=1x;7120;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fvnexpress.net

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1d081ea9c4f5f4e37a50fc579a424a183000df898ec166e20f3ecbab54cb4655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2598
expires: -1

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BB1F 78 KB
26 KB 20ms
19ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bd.urekamedia.com
URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1069 / 872 of 1000 / last-modified: 1639177483"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H/1.1 204
No Content analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame B705 0
64 B 169ms
33ms Script
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=282716&di=vnexpress.net&ap=&dm=10&pi=1413458&ti=f6ee75e3-9787-4d76-988d-7d340a9b1e99&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&dt=8736481428691810142000
Requested by: Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:02 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8477 281 B
554 B 51ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by: Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Dec 2021 02:47:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame B705 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98235ed8e6306cd4bbeac0da15acc17c06aff7419fe7326fb3c65a2d189fd387

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BB1F 348 KB
117 KB 20ms
19ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame B705 85 KB
36 KB 27ms
26ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 14 Dec 2021 06:14:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8477 32 KB
10 KB 8ms
7ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23921
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9506
Expires: Mon, 13 Dec 2021 09:25:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame BB1F 107 B
122 B 19ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BB1F 107 B
122 B 19ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BB1F 18 KB
8 KB 51ms
51ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=997284638042985&correlator=2647967967778596&output=ldjh&impl=fif&eid=31060979%2C31063378%2C31063870%2C21068766&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=2627062%2Can.passback_ov.vnexpress.net_SliderPC_240420&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3De67309d769fb5a1a-22178a9405cd003a%3AT%3D1639363621%3AS%3DALNI_MYlpMODD6Lxq9nc4FI0_CJsd5VQFQ&cdm=vnexpress.net&bc=31&abxe=1&lmt=1639363622&dt=1639363622255&dlt=1639363622148&idt=95&ea=0&frm=23&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=984466752&ucis=un1s3cmhv4py&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=234492645.1639363619&ga_sid=1639363622&ga_hid=41792968&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

23631201ef9b407520d4ccefc739d16cbd0ac645c6031a21fe5425140d9e3c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8422
x-xss-protection: 0
google-lineitem-id: 5416437550
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316342509
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BB1F 11 KB
8 KB 20ms
19ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

971d8ee376606f4f9dd0d735a0a11b75ce128354c6ac7aff4a82dfef3994dc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8492
x-xss-protection: 0

GET
H2 200 container.html Show response
452794cdd616c40f780ec3019325128a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8858 6 KB
3 KB 30ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://452794cdd616c40f780ec3019325128a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 02:47:02 GMT
expires: Tue, 13 Dec 2022 02:47:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8477 284 B
1 KB 643ms
158ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/jpg

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BB1F 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:47:02 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame B705 35 B
503 B 19ms
19ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=44725532&csi=yeQJ5tvAjIBqCveFcwF9KbsrMkAG8iLCFFplIFtodWDZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 44079194.png
s1.adform.net/Banners/44079194/ Frame B705 87 KB
87 KB 22ms
22ms Image
image/png 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/44079194/44079194.png?bv=2

Requested by

Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

15aed0593ab01dff02bf7af9ce996ca63ed3a4f03877928f72a88d214ceaabda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
last-modified: Wed, 17 Mar 2021 08:36:58 GMT
server: nginx
etag: "6051bfaa-15a8b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 88715

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DAFC 281 B
554 B 7ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by: Host: 3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
URL: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Dec 2021 02:47:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 5A80 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84995f17393daa7a6ca61d4f6e2a40b2ce465172550e835cad8a1151ab52e221

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFAA 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 13 Dec 2021 00:22:08 GMT
expires: Tue, 13 Dec 2022 00:22:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7029 783 B
536 B 16ms
16ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91cf687829fa39aeba7ac87bf11fa76834c5222471d373c2ebeba289746f05af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4tC579eeEZFqbnHUkCqYJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 13 Dec 2021 02:47:02 GMT
date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4tC579eeEZFqbnHUkCqYJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C9BA 0
0 42ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx8diTr-OssmitATWDPRC-njCbfEkwYVv7210IgnJ34H6WWpKUW8_jLt907oZwKfDzJJjhBdv3RUoNzgwIYBApVF56TA-19F9Z0c-xemP1d9jrAn6AYSl-rb5w7jin_8DGYutJnaLzEitbR5Lzumhyndx3k_1IXBlUuSceq7NetN6ebb8SRSun9J-oIqXQvX5-W2THz2eLRBzGKL0SQBfDLNSlr5nJ7o5VwBDs1tryVluNF2ZBP_zIadSRFf4gOePQ-WcY4Sfpud-v3x59Zw8LAMIrRR9IB4ezIO4gvxHn-zwk8bFO_s8oYF9VfrgeSCQwfeT9K1GV3aXMOnH9R0kLlP_WKLw&sig=Cg0ArKJSzJGuV6yZGtULEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 ani-uk-slider-vnexpress.net-avantis.js Show response
solution.urekamedia.com/vnexpress.net/avantis/ 5 KB
3 KB 31ms
17ms Script
application/javascript 2606:4700:3035::ac43:ad49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://solution.urekamedia.com/vnexpress.net/avantis/ani-uk-slider-vnexpress.net-avantis.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adee1eb7f9c1d8f269073423a59b4164fa0cb078a41206ba6a8b7dd6c3e4083

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5167
cf-polished: origSize=9785
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 07:46:35 GMT
server: cloudflare
etag: W/"2639-5d1ac4a51acc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5D93n375b7b5VH8szHxGxMPuQqNQoyMjC%2FCSGBO571NXhIARLmHwnMNt39bS2RCCr3H96OlPc2m7UK9EPYTFkoTYXsj8tN8qnPMXS4q%2Bm35jS%2FdtBQy6iMKOW%2BkKGShzfhuH7TQ8zIiKjGJlLyNDjDSaGy%2FBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6bcbdd8fbe804e31-FRA
cf-bgj: minify

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9BA 119 KB
36 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DAFC 32 KB
10 KB 35ms
34ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23921
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9506
Expires: Mon, 13 Dec 2021 09:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame FE39 33 KB
16 KB 20ms
20ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad23.ad-srv.net%2Fc%2Fp5bkb3hwgnxnwnv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 14 Dec 2021 06:14:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C9BA 0
0 44ms
43ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoaQOXZxpwDeqM5V6-0GJ1j-n2T60agqoXG5-xec9W2tOMevru6FBTmjxjjbAEgcT191-CDTjXskufy0KYbnXviQ08uJjqlW3lVO6IevQ5RWlXsKYgNKU3Q6yTXXgE9x6SbzqnicVqtZJmZgC8U9VJWCnPkECkYzpOTjqfbu2EhXwFaDKvDuozzFwFQAQEK_Rb-wyJ6HMaUducVujkUok8E5oYSfLhk55KRM6wF70Q9YOx8DZ9jLl_dhuckftFOOfmeBnVPkxYMa5QjPwyEbxOY8K9ODFQ6T8CggkPK8VtIBfWtQULeLiGS1gf-Hi-VfRyy3CoUypKCpKTN38FsOBO1JJ-0oMXVQ&sig=Cg0ArKJSzA09lWGjq6hcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&e=playerLoaded&cb=1639363622412
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame B01F 365 KB
103 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0092b2b2a89deb98cb1a154fa658a05a85fb13c18cb8473f1c19b4eded77f9b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduPkGI6zRbKh9Bp6Sa56jwJQQakWB3RUQ1DVt2sOWY5XDSb3tP00Ksntsg8IZvkO9SGESWjcp4YdV8xctKnNCvIPeKqzA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 105169
last-modified: Sun, 12 Dec 2021 09:09:43 GMT
server: UploadServer
etag: "89cb1bd7c45e3ebc8adc7440dc66b75a"
vary: Accept-Encoding
x-goog-hash: crc32c=b4Z3JA==, md5=icsb18RePryK3HRA3Ga3Wg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1639300183361749
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=300
x-goog-stored-content-length: 105169
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 02:52:02 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame FE39 7 KB
3 KB 22ms
22ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad23.ad-srv.net%2Fc%2Fp5bkb3hwgnxnwnv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__;js=1;adfxid=1x;1498;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fvnexpress.net

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

18afcfc6da5c7d7293d22e6cbc71686fdc6c8cb55bb2d2902b2d38e3ef956e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2580
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7029 0
0 31ms
30ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=997284638042985&rc=
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame FFAA 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 23:33:12 GMT

GET
H/1.1 200
OK 908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame FE39 43 B
634 B 104ms
42ms Image
image/gif 51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=45031316&tg=fnmzbbxx&ckurl=1
Requested by: Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.26
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:02 GMT
Server: nginx
X-IPLB-Request-ID: A87719C7:BD57_334475B6:01BB_61B6B426_2CDA258:8AB5
X-Powered-By: PHP/7.2.26
X-IPLB-Instance: 36559
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H2 200 track
track1.aniview.com/ 0
70 B 107ms
107ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.1.2.91&apppkg=&fv=3&proto=https&pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&stagid=&stplid=&e=inventory&vi=100&cb=1639363622486
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 11 KB
3 KB 110ms
109ms XHR
application/json 35.172.120.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&AV_CHANNELID=5d81ed7928a06164620898f0&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&d36=6.1.2.91&sver=1&avtoken=622485&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1639363622502
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.120.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-120-178.compute-1.amazonaws.com
Software: /
Resource Hash: eaba73924c0d1fb12b12dcd3fe557b44c812b2891d1692897ccc7737079b9d98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 01 Dec 2021 13:00:22 GMT

GET
H3 200 ureka_logo_white_89x65.png
bd.urekamedia.com/static/logo/ 2 KB
2 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:ad49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bd.urekamedia.com/static/logo/ureka_logo_white_89x65.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d569b3809a5bb3ea042e90e5e15403ee2208fcf17063f83009610ede46f6396e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1744
last-modified: Fri, 26 Nov 2021 08:07:42 GMT
server: cloudflare
etag: "61a095ce-6d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JF4%2F1uEosfXhwF6DjG0cW%2F1fjpBpL8pdaIUyJ59Hd5euNmFZdtqUcDK%2FrYKqoX8jjWApWJUBeUyChIjnIwW9QsglaotA6GHRud7JR9UHUyYhOTGHgWxWsoJ%2FRN6%2FHf8Kvv9rvaqXc9i9yUPrTZ5fSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6bcbdd90af434e31-FRA
expires: Sat, 08 Jan 2022 17:13:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7547 0
0 43ms
43ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstluvtYluflhAKR3-v7vkq0r66Q38RLgBpgRA_MpmO_roGP5GOIOZuY6n5NQmm7qohStOgJ-0j3ZcGdyLH5yfXxIi5UUfUVs7pooBeTsauDTqNGpSA80YSn6WyAOR5haT7OYGW71rwgbLKi14YZ0ROA2SPoGV3WW7kL3JfeXJ6VvRYEZr_B2AR_hyWOjW4DLcz-YbJ7if9sF7yd3Y9w6NfAiaDSUEjBm2Q9CVafMLEWEiNto-RPgpj1IV-o-DQe3Q-6iayJ5nXeGAS91RM-egLvl4Zfaz__xeq9D-lbNB-zfQXef6jzHKuaWdGDrb3duqGGlEJ-jczArijXTczJQcOfJyGgpQ&sai=AMfl-YRlfSQmyRiDliiex-cTXFm23BoYgqdzPv1ZZKnYYQ1NoSURrhohMMNJhh9v9i1Fexzr79nqKAdvTkMTngaGmb1ImQMxeJWT_rJXyrFlijaK4HtHTB4YoEjCduNgltk&sig=Cg0ArKJSzJ7QCxtalWU8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7547 11 KB
8 KB 22ms
21ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

28beb1fbae86e5636a884a2942db76ae98c5f519e07ff7601d22345afc6098a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8587
x-xss-protection: 0

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame B98E
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D22%26key%3D%7BPUB_USE...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D22%26key%3D%7BP...
https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=22&key=46d1d8a9-db20-4a84-9b08-281cc892a497

0
239 B

320ms
99ms

Document
text/plain

18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=22&key=46d1d8a9-db20-4a84-9b08-281cc892a497
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-length: 0

Redirect headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-type: text/plain
content-length: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=22&key=46d1d8a9-db20-4a84-9b08-281cc892a497
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

204

sync
pixel.advertising.com/ups/58246/ Frame 0B3B
Redirect Chain

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

0
0

12ms
12ms

Document
text/plain

18.158.154.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.154.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-154-136.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000

Redirect headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-length: 0
location: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 services
sync.technoratimedia.com/ Frame F299 0
0 309ms
97ms Document
text/plain 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1639363622392-936944863393-007097-008-008467&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

server: nginx
date: Mon, 13 Dec 2021 02:47:02 GMT
access-control-allow-origin: https://vnexpress.net/
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 101956133
age: 0
via: 1.1 varnish

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 6BFD
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D200%26key%3D%5BRX_UUI...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7731593877
https://sync.1rx.io/usersync/tradedesk/9a0d967a-c2dd-49fd-b870-fdc8844ec57c
https://sync.targeting.unrulymedia.com/csync/RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008...
https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=200&key=RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003

0
249 B

204ms
100ms

Document
text/plain

18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=200&key=RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-length: 0

Redirect headers

server: Tengine
date: Mon, 13 Dec 2021 02:47:02 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622392-936944863393-007097-008-008467&biddername=200&key=RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003
etag: RX11dd3b59d28a41efb87d05a21dd9a62a003

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5F49 14 KB
5 KB 54ms
15ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=36738
expires: Mon, 13 Dec 2021 12:59:20 GMT
date: Mon, 13 Dec 2021 02:47:02 GMT
vary: Accept-Encoding

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame ED80 314 KB
98 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 90bd71e512a5de39a5e6692747523d000850a9bcd37887effabd90a4207c78ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds251ONBi8vXM075Cv7Gy4QK39_qAvu00XBNEbP3zDMAmE-hz9oNUSZZRWF-5wKMMYypXcv22Pd04eJbPGRP1x58WbR1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99492
last-modified: Sun, 12 Dec 2021 09:08:32 GMT
server: UploadServer
etag: "08cd3c37c0bd6034c6de18b37a99eb5f"
vary: Accept-Encoding
x-goog-hash: crc32c=MgeckA==, md5=CM08N8C9YDTG3hizepnrXw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1639300112402204
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99492
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 02:52:02 GMT

GET
H2 200 avpb3a0.js Show response
player.aniview.com/script/6.1/ Frame ED80 66 KB
21 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: cee55548ee7eb850dbfb13e65858523541e97be7716626ffb7099dc0396da8a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds3fOUO_H5QBV4RnwcrZv1ItDRlXOBOPj7Zv89dQcd5qKlX60r4mB9cCBuw2onit5cpDUTDGcyuNwh1Q0Yz6go
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 20983
last-modified: Sun, 12 Dec 2021 09:08:47 GMT
server: UploadServer
etag: "1efe8f8cc56d479c8ecbc0b8d2806d89"
vary: Accept-Encoding
x-goog-hash: crc32c=zCJeeA==, md5=Hv6PjMVtR5yOy8C40oBtiQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1639300127026317
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 20983
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 02:52:02 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTYxNjkzYmU4YTUwYzY3YmFmZjdhNDU0OWFlNmE5&gdpr=0&gdpr_consent=

170 B
502 B

54ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTYxNjkzYmU4YTUwYzY3YmFmZjdhNDU0OWFlNmE5&gdpr=0&gdpr_consent=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:02 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTYxNjkzYmU4YTUwYzY3YmFmZjdhNDU0OWFlNmE5&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639363621692099-373
Expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H/1.1 200
OK 0SzYvAqqJfH4Pvhp5l0RGQ== Show response
ads.adaptv.advertising.com/a/h/ 3 KB
1 KB 65ms
10ms XHR
text/xml 18.196.67.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=9363622541&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=168.119.25.199&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&lat=48.35340&lon=11.54910&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.67.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-67-255.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

2005d8c062d032e2712bd1c2b58c0f8d3972b9301e98ea7a1b2c2643448ff238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1071
expires: 0

GET
H/1.1 200
OK 12051953 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 139ms
17ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12051953?_fw_gdpr=1&_fw_gdpr_consent=&_fw_us_privacy=1---&schain=1.0,1!urekamedia.com,5e63d10e28a0614d2b01395e,1,,,!aniview.com,5e4d2a2d2a62e7166c1db7a5,1,,,&cbb=9363622541
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03d2f9cf73ae47da5ef4d7fea01ccb2a83e54096776f8dfe6034e5d2b3bb03f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:02 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1382
x-sticky-vk: 1639363621915019-365
Expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H/1.1 200
OK 12472193 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 139ms
18ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=508416051442968553&_fw_gdpr=0&_fw_gdpr_consent=&cbb=9363622542
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4716325022d4bf3d498ae370bec9845add20d0fe2b0ff3cc4e1202e7e8a7927e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:02 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1142
x-sticky-vk: 1639363622512048-346
Expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1639363622543&asid=5fed564af85e674fd7743e89%2C5fb766e909e8a7781132bf27%2C603f3845a58ab3069815987b%2C603f4143d8cb955a43024a76%2C5f8fa1ee713056439365ef64&ofpr=3%2C3%2C3%2C3%2C&fpo=%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 107ms
107ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=request&cb=1639363622543&asid=60938ff57621683c2c6776a3%2C616d78393de9c80af96457fa%2C5f4f9c3d23b3f315675708b0%2C60c9e536e444d9250e590371%2C5e5e346c28a0613c6a54f5b4%2C60802fa7bda96b4f7761daec%2C604780f16eff72297e5ae158%2C61260d1e4e10b5674f7f9f5c%2C6170136dcce2c92bb64633f4&ofpr=%2C1.5%2C0.5%2C%2C%2C%2C5.71%2C2.8%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame FE39 90 KB
39 KB 24ms
24ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 14 Dec 2021 06:14:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7547 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:47:02 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 80ms
36ms Preflight
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://vnexpress.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Mon, 13 Dec 2021 02:47:02 GMT
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
407 B 548ms
197ms XHR
application/json 52.41.9.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.9.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-9-160.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1c29406cd92883568c90d5396b549f283da34d5e2abece2cbc4e02b4336ebc2f

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-prebid: pbs-java/1.80.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 142 B
1 KB 92ms
92ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5ab452e931380e8a82732820d89b17050049c08a6150674fd0db1866d029aa3b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:02 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 392de2ce-0d81-454e-b4aa-846fed3619dc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
169 B 47ms
17ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vnexpress.net
pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
408 B 558ms
211ms XHR
application/json 52.41.9.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.9.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-9-160.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7a92f2970b0e71c6037d4f0442a902abd8c5ac02ac5c489889bfabbbf86cd5e3

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-prebid: pbs-java/1.80.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 52ms
52ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211377/0/ 0
169 B 60ms
19ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
578 B 679ms
652ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14106447&componentId=prebid&componentSubId=mustang&timestamp=1639363622637&pKey=-62942138&schain=1.0%2C1!urekamedia.com%2C5e63d10e28a0614d2b01395e%2C1%2C%2C%2C!aniview.com%2C5e4d2a2d2a62e7166c1db7a5%2C1%2C%2C%2C&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:03 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639363620659070-384
Expires: Mon, 13 Dec 2021 02:47:03 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 131ms
104ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2b41c56f8dff39325db5d521da59d5c4c08027ca772060b0975de7f95d83466a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:02 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f4c25f3a-15e9-4ba8-9ad9-33b97e212e70
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 2B52
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622555-925571806393-006971-002-004166%26biddername%3D55%26key%3D%24UID
https://sync.aniview.com/cookiesyncendpoint?auid=1639363622555-925571806393-006971-002-004166&biddername=55&key=938033878257425291

0
213 B

321ms
100ms

Document
text/plain

18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622555-925571806393-006971-002-004166&biddername=55&key=938033878257425291
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.9
Date: Mon, 13 Dec 2021 02:47:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1639363622555-925571806393-006971-002-004166&biddername=55&key=938033878257425291
AN-X-Request-Uuid: 4b22f619-0f97-4fa6-8b75-3f153b258a5c
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame B01F 314 KB
98 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 90bd71e512a5de39a5e6692747523d000850a9bcd37887effabd90a4207c78ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds251ONBi8vXM075Cv7Gy4QK39_qAvu00XBNEbP3zDMAmE-hz9oNUSZZRWF-5wKMMYypXcv22Pd04eJbPGRP1x58WbR1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99492
last-modified: Sun, 12 Dec 2021 09:08:32 GMT
server: UploadServer
etag: "08cd3c37c0bd6034c6de18b37a99eb5f"
vary: Accept-Encoding
x-goog-hash: crc32c=MgeckA==, md5=CM08N8C9YDTG3hizepnrXw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1639300112402204
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99492
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 02:52:02 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1639363622665&asid=60cb5f4d3b6dc13cf26e7244%2C608eb992edae0405f53640d6%2C617aaee6e722602893160f68%2C61a61665d92edb0e8d6d3a17%2C612e32876533f37795014fcb%2C60b644b003b35f554016ae95%2C6062ff4677fc15049b27e445&ofpr=%2C0.2%2C%2C%2C1.1%2C1.03%2C0.7&fpo=%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3154 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 13 Dec 2021 00:22:08 GMT
expires: Tue, 13 Dec 2022 00:22:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 22EF 783 B
535 B 26ms
25ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e721b35cc1f942727c6fe481e1b2f9f91e92702e79230117867f2f6cd913146a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sRuDU7PQTLl5yMSc4dCDNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 13 Dec 2021 02:47:02 GMT
date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sRuDU7PQTLl5yMSc4dCDNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 /
track.adform.net/csimpr/ Frame FE39 35 B
469 B 19ms
19ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=49556873&csi=2Ky7z92fQ8Q7pycRuJs9EjPuXkZywPKDWbSfOePB9crrygPkIxxfk_odEQ4xp3Qzc063bZW5E8e3Dh3jbPeG896vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad23.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad23.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5F49 0
42 B 67ms
16ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57152120&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639363622392-936944863393-007097-008-008467%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-length: 0

GET
H2 200 9645718.js Show response
s1.adform.net/Banners/Elements/Files/2068258/9645718/ Frame 0754 27 KB
11 KB 19ms
19ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/9645718.js?ADFassetID=9645718&bv=514

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

59f9e64914e5176726aa7685e8792f5e4f77706774790a0aedc236632cc6639e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 14:12:29 GMT
server: nginx
etag: W/"6093f94d-6db3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 83ms
81ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
406 B 420ms
209ms XHR
application/json 52.41.9.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.9.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-9-160.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 767a60eb904b1044c6b0335a679a2dde85fbcef06edff281f6c305fa5c2e9c92

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-prebid: pbs-java/1.80.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 118ms
30ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 13 Dec 2021 02:47:02 GMT
X-SpotX-Timing-Transform: 0.000261
X-SpotX-Timing-SpotMarket: 0.004148
X-SpotX-Timing-Page-Mux: 0.000898
X-SpotX-Timing-Page-Require: 0.000372
X-fe: 071
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
X-SpotX-Timing-Page: 0.008394
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000311
Last-Modified: Mon, 13 Dec 2021 02:47:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004148
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002361
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000020
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 73ms
73ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Mon, 13 Dec 2021 02:47:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 0754 30 KB
13 KB 21ms
19ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:38 GMT
server: nginx
etag: W/"609e6e9a-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 tacho2.gif
s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/ Frame 0754 17 KB
18 KB 21ms
19ms Image
image/gif 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/tacho2.gif

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5bf35e64beb98bace6b719cf94f4ce57e4aea164d5404304b271aef763c9f66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
last-modified: Thu, 06 May 2021 14:12:29 GMT
server: nginx
etag: "6093f94d-45d0"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 17872

GET
H2 200 tacho3.gif
s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/ Frame 0754 12 KB
12 KB 23ms
21ms Image
image/gif 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/tacho3.gif

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b66f7f78425f0541849b31d7662a67254caaa1f222a27964ecc463c159e88e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
last-modified: Thu, 06 May 2021 14:12:29 GMT
server: nginx
etag: "6093f94d-2f8c"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 12172

GET
H2 200 tacho4.gif
s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/ Frame 0754 12 KB
12 KB 23ms
22ms Image
image/gif 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/tacho4.gif

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8bd079818c58acab6bd8925ca6ea880933994962e5cc83f7f7d4424e5d9d51fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
last-modified: Thu, 06 May 2021 14:12:27 GMT
server: nginx
etag: "6093f94b-2f10"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 12048

GET
H2 200 tacho5.gif
s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/ Frame 0754 12 KB
12 KB 24ms
23ms Image
image/gif 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/tacho5.gif

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fcf5955999aa707293828168c27771dc76be3cc65d2222100ad5aeaddb803f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:02 GMT
last-modified: Thu, 06 May 2021 14:12:27 GMT
server: nginx
etag: "6093f94b-2e71"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 11889

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 22EF 0
0 26ms
25ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1326642466964924&rc=
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3154 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 23:33:12 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB1F 0
21 B 42ms
42ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=997284638042985&bg=!qqmlqe3NAAZKWFskSlg7ACkAdvg8WuUn_SOWZXmdnAtzUTD0pgL9ScLxm_OppUd3v22SCAT8UsOG_QIAAAEfUgAAAApoAQcKAM3lVdZd3PnQ99amT1zATytAo4xoA662cEMXfhQqtYLf4hES_rl6nujlwLQ9NCEO0h7kzYjwfkShZKjfBDfvQZnop1hT5QyUQ-vdGgKpS-KZITubQSuJHIvULtHTphujUL8s7yOGi6d7r798-SonxgBZwGyeHe59xbeicvDF_LhlL2SX8ncgpDHpB4UpRC0p7SlbKN17aWLR6lDvFbdHIz-jnfMVfIRB5NpoKtK7odbfETPuTfNQUtxEFHj1ndf5bnptPRy71VoDATybFzN8mQK8FuKbjlgM6SLqtz2b-di04TCFWyilrp2hYyz9GZT_oHLU_9u7HzSxl9TgxfTXr69nI7vQHG_g_8UVqEcgTPxxPwLCZVv2ly6x-F1-vxFcjjzb4XeEU6PAbXtq6DRj6fi3Ahhfn8--0my6AF6_6orFhdD0AJ3uZQbJLSieow5Sk_h2xPfJaYb1F8wQs6RfwK_b7IEK_FwC6IFsJMG47YxpTrjdLm-CN3DZ8719Caz0UKnJBBQkI7alnxNaTpzaNrGIEuW_pDPiani3mVOR6e07nYReJEHFgClyEFCRp_CZ9aOwxxb2ulH83Hpb6I0mlY3Mk-C40E1hyJ2bqTP4yxnr87PWJE1jVpqODVTc-vg6Kb6AL7QhhymV9z28QorLOT2Fr0XJcU_2VlzNSClqYsJLSKgfgmwqlJeAQstalKgM43Sb3RDtRc6R4I5bpoCOgDv9Im5UDRQLyzQW4T0suFBvv5-xVkfV_n_MVnqxlfEXumN3uBGPmXy4SQbTuffjc2vWYZyRuSOxF6i53vKMSJnaI2OhSTjSGSIn8bpenhkdukvpgKYtssx-OsZUnTI5cYbfCaUj3eod6UzihCpCfcJ8Zm0kNSMMYBXb8i1gUQ8lxI44H53R6jQAzPA78lhIRQjq_3JSKmVRryJnjX4ke1PxmboGiz_IbLoDMrCeA3Iq9cMVRR9oBjRJ3fhDfYVGkTFl5UE_fYxSJMtH0Fhd8Ef860kBWZvfMoOYcg6dg2QkQMdMvLJnoQdmGKsBq-hFuzIY7z_m5P8sqofrvb9ecfxag4oBCOxQl7xzVArfNU7fSuGYBMyl0Vu8RicH0SV_qSwFmrzgFGnCJNHYaV6XhL5KKm_0fMAemAXktLPY9IA7kOpMEdnFJWJc8Rpvc-7PWalHdyoGv40-JzECpp7AKF1bUmnFQAt6VtpGZiuQ2w

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 0754 43 KB
43 KB 150ms
51ms Font
application/font-woff 52.218.91.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by: Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.91.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Referer: https://ad23.ad-srv.net/
Origin: https://ad23.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:03 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:49 GMT
Server: AmazonS3
x-amz-request-id: 1BRW8RCSMQRHSWEA
ETag: "d7f0b1ef39025154e8517b4aa705d0bc"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43544
x-amz-id-2: B5PMdGLfjuv/CMuXr1GfRsPC2mq+7WZozAivBnNpl0uIlxZaFl0G/3r8qxdTg+FAu84ONIr7kiY=

GET
H/1.1 200
OK TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 0754 42 KB
43 KB 145ms
44ms Font
application/font-woff 52.218.91.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by: Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.91.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Referer: https://ad23.ad-srv.net/
Origin: https://ad23.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:03 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:53 GMT
Server: AmazonS3
x-amz-request-id: 1BRKHN6NCQMPZS9H
ETag: "41b43bece8523c4d26acc3b30d11019f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43468
x-amz-id-2: FNA2OVaf6Ij5iarexRZVXfN5mMsqku9DoPmz25oIVPGIQEFx/3TylUQrgapjYFyGyKYhBRiUU6w=

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7547 0
21 B 43ms
42ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1326642466964924&bg=!JiWlJWHNAAZKWFskSlg7ACkAdvg8Wm5qU82jTYexClSXY0-yu-xq823jhbRrz93jlEONvqa891LV8QIAAACEUgAAAAtoAQcKAD2B1Hf4K0lTxfgPboScPBFZHcQtZ1Eki_Fi5Kro5mhl8V5VVet2EkAY8xI1i0SzN-a4PMEL04fTwJOIYpNomQLguxuf9i-ZdMVayvLlZHhRFVQlMESKNHZHS1k9j1Xa00Cdo0zpSVRwAZOrEqVX6k_YJajUqDEVDju6J-HtU7OFiEwOJN8lfLtPY6gFJLNbhgTlw6uUNCpV-aPoaUHSx0JyFwR38vXPK1Cgpk1XvZCyq0dUkz3Ln5UEevOt-zUbb_X7eDt1hk4laXhBagEBpcjX0ksw9YD6xjRfsntSH2bQTLaFZv4I_HzyVt37PLIE2SoxPFbpFIzfLOBmLtvZuCk8znhSNA3lvSoMqjD3t5DV84axSWY1gvSUmlB8YsASaP0-S0aBXnooEH2q6gXOQWFFm3v_mn1u4hT1uUe0Q2BLIcvX25Bc4vgzvxxGoTQreaoqSki_DMk-v_LnfWqhO7V873yrPG1trH1ctUyYCxw1jqDVNkVvnKWO5kFlQKQXq4HmnCpOq0xRuQrk4wB9z3BiaS7XXk040VXZTEBr11zQQOd4epWNUYUq8W9Se8s2qiIsa6KrPXIDmUn4mSgk4IpirUNczQwBOl4lYSj6LPXky-VS5OdzyLQaUw5F4r1ArBR4iBPKKOyoNHOvMMkVqpTIGRIhFyeNTrH68y0ewfJV8N6FpcqgzSGm1z7YK5dXntbMYVDIcJcophjGr5pv_dRfF-vlwsS2f8y_dSn-b3kBFp_XwqZ1HT-0-VzAxVAU8DH3_5b-RWbznZYjYVGJVp14E2rowycBqLjfVyrXgMAIkQnz5fK2OjqefDxr2-Zp0WZKdYQBNikWY7R5LPvqjkuCsWbAzLwJLkCQR9eO8jZOfPoD2FFGedSJ4rmuwPrC6QtPS5EoiX0u9GgHkLOg1sa6roRFNXOUDm9659-uT7v8BJNOjuaALbG-Nhwl33JI_BdK25dD6glWsPpl6VV0DI2ioR0wc6JpfCLIJBFLSfuO3f5LK7-VoNAitCiV-i6brADzho-4mP_O5VKC8Qk0R2LbIukJLakMTl7OkIfaXKgigQ

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 56ms
55ms XHR
application/json 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=63695605483-uh3lvelqpb59s1tn5qh59ovbcuhfa54v.apps.googleusercontent.com&as=xoFoJmjXwPJkgTjZ7gsneg

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.sfEyfeao_9E.O/am=chE/d=1/rs=AF0KOtW8lfG_r32MeHektUUsH82Ip8ajIQ/m=gis_client_library

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7f39e75855511b066a9215d6284096aeb218a2aa22f5a1e030dd71285711845

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CRybTy1jixatJEpyXTCFGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-CRybTy1jixatJEpyXTCFGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
25ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

45028a016d3feb51b3aef6a82b6e77c2cefbad208fd7c5b053514b15b92949ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8531
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 30B6 11 KB
5 KB 65ms
20ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2035
date: Mon, 13 Dec 2021 02:47:02 GMT
content-length: 4685

GET
H2 200 jquery.3.2.1.min.js Show response
s.vnecdn.net/vnexpress/restruct/j/v575/ 85 KB
30 KB 684ms
171ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
last-modified: Tue, 26 Nov 2019 07:22:26 GMT
etag: W/"5ddcd2b2-15283"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Wed, 14 Dec 2022 02:47:03 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 8477 43 B
429 B 86ms
27ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master zrh-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:03 GMT
Server: MT3 4133 baa842e master zrh-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 13 Dec 2021 02:47:02 GMT

GET
H2 200 709414.gif
id.rlcdn.com/ Frame 8477 42 B
417 B 50ms
14ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:03 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8477
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAA...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmNmYTkzMWQ0MTc0NmFlZGVlNmJkMGRkMjkxMDkzNTk4ODgxMTVhZg&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQA...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmNmYTkzMWQ0MTc0NmFlZGVlNmJkMGRkMjkxMDkzNTk4ODgxMTVhZg&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmNmYTkzMWQ0MTc0NmFlZGVlNmJkMGRkMjkxMDkzNTk4ODgxMTVhZg&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

I9C8L6W234fpoxfcPD6jyMn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 8477
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQE...
https://pr-bh.ybp.yahoo.com/sync/rubicon/I9C8L6W234fpoxfcPD6jyMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAI...

43 B
323 B

115ms
35ms

Image
image/gif

2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/rubicon/I9C8L6W234fpoxfcPD6jyMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

Location: https://pr-bh.ybp.yahoo.com/sync/rubicon/I9C8L6W234fpoxfcPD6jyMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8477
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAA...
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggA...

42 B
1 KB

632ms
157ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEGVgZDRrMICWw5EGjfkKpEo&google_cver=1
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEGVgZDRrMICWw5EGjfkKpEo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 511
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8477
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAA...
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9a0d967a-c2dd-49fd-b870-fdc8844ec57c&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBA...

42 B
1 KB

633ms
158ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9a0d967a-c2dd-49fd-b870-fdc8844ec57c&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 5daa34953a867809056448757b76591b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9a0d967a-c2dd-49fd-b870-fdc8844ec57c&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 601

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 8477
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABA...
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX42RV09-27-H1SE&sigv=1&esig=2~c5ea8096e9195d1c70716c94376758d72dd29736&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQC...

0
445 B

41ms
13ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX42RV09-27-H1SE&sigv=1&esig=2~c5ea8096e9195d1c70716c94376758d72dd29736&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX42RV09-27-H1SE&sigv=1&esig=2~c5ea8096e9195d1c70716c94376758d72dd29736&gdpr=1&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8477
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvl...
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAA...
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yba0JwALfr-rIgAz&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACS...

42 B
1 KB

631ms
160ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yba0JwALfr-rIgAz&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&_test=Yba0JwALfr-rIgAz
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639363623.198358,VS0,VE0
x-served-by: cache-fra19130-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yba0JwALfr-rIgAz&gdpr_consent=BPRIwlyPRIwly__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&_test=Yba0JwALfr-rIgAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E7B8 42 B
65 B 43ms
42ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyrlSp6YfzDhPy0ZPrLuJR-qFeiqzDVHdSFpcYI8i2BFLL3nhF-DMD46SHFVOGX_GDZr7TZ88OUAiY6zBvzcUK_uHK8e_gNeQINctccE9940RiUlXyww&sai=AMfl-YQBHZBePv2WOborYe3yzW_0Izp71qohEgeQCSYGRvg1a57QwIkxstk3vQLgyARcMoONZP0xob5GHw6wgcSQhsfoflSukwOx9DRTOx6HnEA6j9FOBFmSWlRJjcRNuwxS&sig=Cg0ArKJSzKmsvyJfpJzlEAE&cid=CAASPeRo9hWmeX_Z3WTIk8rGGrNhZ8yxXVHdsX_qoA5vXryGaHghiYl3xSzw6-rSkZ7Gkja-GrOvWiDXTLIUfSk&id=ampim&o=1050,392&d=300,500&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=102&tls=1108&g=100&h=100&tt=1108&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1680299014

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 870A 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 13 Dec 2021 00:22:08 GMT
expires: Tue, 13 Dec 2022 00:22:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5DA8 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c045429faf617c8c168fe721326775594c3af1496f7d4f77444bf2d0947aa5d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t2PF6EJgembPO7EXDU9Z7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 13 Dec 2021 02:47:03 GMT
date: Mon, 13 Dec 2021 02:47:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-t2PF6EJgembPO7EXDU9Z7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 870A 35 KB
13 KB 10ms
10ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 23:33:12 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 30B6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=vnexpress.net&sn=ChromeSyncframe&so=0&topUrl=vnexpress.net&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=VVGwvHxIT3FHaUpsUGM4Sm1Eckl5bFd6eVRIRktWWGN1OVFESDlabWI2bnRSUjUrdGVZOTlPM0xCNmMyTlNobjhPdEFuUGRFNzZTRDdtajl1Qlh3eHVDTnBubkU0Yis5akFXU1lnWDJrK2ljQzRpa1liN1ZDUEZmTUZxbF...

422 B
619 B

58ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VVGwvHxIT3FHaUpsUGM4Sm1Eckl5bFd6eVRIRktWWGN1OVFESDlabWI2bnRSUjUrdGVZOTlPM0xCNmMyTlNobjhPdEFuUGRFNzZTRDdtajl1Qlh3eHVDTnBubkU0Yis5akFXU1lnWDJrK2ljQzRpa1liN1ZDUEZmTUZxbFZqUWZxOGt3VGwzRjJWeUhUMTBiWVpncGUzQ3lheUFHK29BS0dFakRDRmJIemxRV1RRMVpvdmpmYk9SY3E4d2pMMSt4Y3BPVHV3NWxJTHY1L0dIQzBvMytUVjhXS0VoeFZPMHYzb1R6dHFmNkpmM1VIcnYzM0UvcndFb3VzZjB6VnFIUWNHNWpBZmVJTkl1WXhwS2t1VjA3USt2ZzJZZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

06180cb3884a7206a1e9a48dcfaf38b8b3bcfa85f3cf99276d1697d93660e6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Dec 2021 02:47:02 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4373
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 13 Dec 2021 02:47:02 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=VVGwvHxIT3FHaUpsUGM4Sm1Eckl5bFd6eVRIRktWWGN1OVFESDlabWI2bnRSUjUrdGVZOTlPM0xCNmMyTlNobjhPdEFuUGRFNzZTRDdtajl1Qlh3eHVDTnBubkU0Yis5akFXU1lnWDJrK2ljQzRpa1liN1ZDUEZmTUZxbFZqUWZxOGt3VGwzRjJWeUhUMTBiWVpncGUzQ3lheUFHK29BS0dFakRDRmJIemxRV1RRMVpvdmpmYk9SY3E4d2pMMSt4Y3BPVHV3NWxJTHY1L0dIQzBvMytUVjhXS0VoeFZPMHYzb1R6dHFmNkpmM1VIcnYzM0UvcndFb3VzZjB6VnFIUWNHNWpBZmVJTkl1WXhwS2t1VjA3USt2ZzJZZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1923
content-length: 541
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5DA8 0
0 19ms
18ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=77733819889399&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1639363623211&asid=60cb5f4d3b6dc13cf26e7244%2C617aaee6e722602893160f68%2C61a61665d92edb0e8d6d3a17&ofpr=%2C%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK viewability Show response
ad23.ad-srv.net/ Frame FE39 0
150 B 22ms
10ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad23.ad-srv.net/viewability?s=53583000009985000003104011807023&a=99c94495&vb=v
Requested by: Host: ad23.ad-srv.net
URL: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad23.ad-srv.net/request_content.php?s=53583000009985000003104011807023&a=26fe8151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B01F 375 KB
124 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126530
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 107ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=bid&cb=1639363623339&asid=5f8fa1ee713056439365ef64&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 108ms
107ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=bid&cb=1639363623339&asid=60938ff57621683c2c6776a3%2C60c9e536e444d9250e590371%2C60802fa7bda96b4f7761daec%2C5e5e346c28a0613c6a54f5b4%2C6170136dcce2c92bb64633f4&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A80 42 B
64 B 42ms
41ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFgsCUF21AL8pgXOZYeXtZbDN7Eqlw-UTx8Z7Lqhf-bC0JxBXOUvfpdO6tNsTVK8LKyfMeBhQDw0XslxtX8UTDBQ&sig=Cg0ArKJSzOROQqs2qdZTEAE&id=lidar2&mcvt=1056&p=90,436,180,1164&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1832943895&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639363621786&rpt=531&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame C245 15 KB
7 KB 153ms
34ms Script
application/javascript 34.247.8.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=50a23d37-3eeb-43c7-91dd-c4231e15f1c2&pblob=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.8.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-8-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7a26880b3804c4c3b8e59ccfc36accd73e898fed554c8922c341f8a360881f7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6636

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame E517 337 KB
114 KB 80ms
8ms Script
application/x-javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639363623.dop221.fr8.t,1639363623.cds004.fr8.shn,1639363623.cds004.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame ED80 375 KB
124 KB 67ms
52ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126530
x-xss-protection: 0
expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4010 596 KB
194 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 106710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B01F 44 KB
17 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F4D8 596 KB
194 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 106710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4043 596 KB
194 KB 18ms
18ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 106710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B01F 107 B
122 B 20ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8412 37 KB
13 KB 9ms
8ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 03:35:03 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A545 37 KB
13 KB 11ms
10ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 03:35:03 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 5A80 7 KB
3 KB 154ms
112ms Script
text/javascript 13.224.96.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-8bd85091-e236-41df-86b3-da918d528ea8&sid=0
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-2.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 500c6d488fbd3de46f4b5abcc1ba216b7eb1844255339410b20be93eec14a7d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 2413
x-amz-cf-id: l8rKHbLAGWMmZk_fzu_RKISKgn89ikt86rhK5f3x6JIWBdG8G3SvZg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 5A80 38 KB
11 KB 54ms
13ms Script
text/javascript 13.224.96.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-2.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 05:36:24 GMT
content-encoding: gzip
server: nginx
age: 76239
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vpe0LWxMrqyZLV28YrGc9HQGZGNIwCm0Bpp3yveyHHSywyGv4LgAoQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 5A80 43 B
395 B 156ms
116ms Image
image/gif 13.224.96.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&w=728&h=90&c=24c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-2.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ZRH50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: 3UwrhY59LdMByrzS5tL_rSMDrkBD2rsxNpo14xbf5Uu4U4uziMCycQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3EB3 37 KB
13 KB 10ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 03:35:03 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame E517 25 KB
25 KB 33ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1639363623528
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:03 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639363623.dop012.fr8.t,1639363623.cds012.fr8.shn,1639363623.cds012.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=69eb21548d8fd41a3f31896b7cdf8138&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l032a_7041013147037783767
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEK3LK48L7IGVfJg_5eCiiDc&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=9a0d967a-c2dd-49fd-b870-fdc8844ec57c
https://pr-bh.ybp.yahoo.com/sync/stickyads/69eb21548d8fd41a3f31896b7cdf8138?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-M3u38XxE2oMiUiJnb49o8phV3Q00ZdzsLgmF7x0L~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=938033878257425291
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=de7361b6-b428-4600-a888-8d94d0ddfbd2&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=4bi6Gg3D1MWBmM5&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2093463165018036868
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AA0CBE7DbWgAAEzqjHsDFQ&gdpr=0

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame E517 301 B
854 B 19ms
18ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12051953&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:03 GMT
Server: nginx
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1639363622884049-424
Expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame E517 67 B
719 B 109ms
108ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12051953&_fw_gdpr=1&cbb=9363622541&_fw_us_privacy=1---&_fw_gdpr_consent=&schain=1.0%2C1!urekamedia.com%2C5e63d10e28a0614d2b01395e%2C1%2C%2C%2C!aniview.com%2C5e4d2a2d2a62e7166c1db7a5%2C1%2C%2C%2C&vav=bc62b80e62d1f3cd56e5100486160ecd&vaviv=4c6af2cbf4e4ea5d8b9349109a57327e&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:03 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639363622800037-399
Expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
21 B 43ms
42ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=77733819889399&bg=!FxSlFFDNAAZKWFskSlg7ACkAdvg8WlBj5b4tP0sC21SZKiQU-cehdcLyHJ0cXaCNWejIXkfcl84zhwIAAAD7UgAAAGpoAQeZAqpNllqtXGPkMtoHwuuDolWwuD5rYSgLzaF4ZJGJMxJOiaF1i-9s5z8RLdOI_b2WA032cjyEOpaxBbAHA46eMxxVcwfyB2WbAaqukvLSVpXtAviYYS71sV-BOCX13IxtES7I1FjV4td8IVCxtAJk2uIVSVe6BWiLfu0ukGvPkiXOFXcOKBT_e7iFb34knfWR5SGgPjAXU6ymdXMGd-rzGPHye0Sra6jdnmfZTSzqlrIEAzpEZSwnvOrLKMURjpVUjb9N9oWPYVYqerykRTwDw7e6S9QsWHjpCiutyyPS-4eLqlzNp1jybfr3ddQojWRxekli5hFdfdDVOv5Ac_InAooHDU52NeXfwYcAPZLFNDj1K-dAjQkyo71RBaYwq_ySgo_h9RQvJC_Ospg4RzEzVIVsKK2wiWTxB6KFhsulAJXjbZhIsoBkc2bsHoazIRzY8qq7NJVsNjfGyMPALP0q3vdn4hq_AKmB3I_TxUL4xA4PrTLUxnX2uFZdKXngfdHNmv4Fjb75peX9oXtiYx-DUShAQG6OnqKwpeSJnvBWYsGL6X1yK4lkFhPh6R8JRwFhZBTovgWQPM_4ydpd8hFs1JXl9qUINpns3hN-wiUGcUhz1vOWzRrL4QO6x1o-4KsPanUbhfOTZC45twz4vDQrjpIkhoD-GZzXTaxHOP26jkc7hPtTPszm4vaaDfaCQI4in6WJ9Dw1Ie4pA0QBRBE09G02OI3GPhES7SyF9j-A646GVTjhN41tVCK5ow41GQWvFmaQzCZF0SLVs_EnMH16cHamUpQsV5lBaGsrHqpO1Fo9uZSXw-mLyRCNipBSTp8OKeTJKiLg3GjcD_9D8sKo-ltYdtDuhgUtCXoCHKtokJrJHUJc9t4WMKmHNCrJQC-HEnKkee9pGLEnPmx6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 11FB 596 KB
194 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 106710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame ED80 44 KB
16 KB 33ms
16ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EDFD 596 KB
194 KB 9ms
7ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 106710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C91F 596 KB
194 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 106710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame ED80 107 B
122 B 17ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent=

170 B
188 B

31ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:03 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639363622990032-377
Expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=69eb21548d8fd41a3f31896b7cdf8138&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

341ms
109ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=69eb21548d8fd41a3f31896b7cdf8138&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:04 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B3KCGP0GGY6P9CJ4A7BT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:03 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=69eb21548d8fd41a3f31896b7cdf8138&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639363622990033-377
Expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/ Frame C245 319 KB
103 KB 88ms
4ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=50a23d37-3eeb-43c7-91dd-c4231e15f1c2&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 08 Dec 2021 13:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392168
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104909
x-amz-id-2: jweIXfFVX79MpJ2P8Z3OEcT4P9Asmea/1BgH43shufXjxYMDveAyQyzOdluHFhJYLm9pVjx29CM=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Oct 2021 12:07:18 GMT
server: ATS
etag: "ad866575d644f8b5c5d7a56ff730d7e3-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: PJFABP80FQQRGA6D
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 323ms
114ms XHR
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 02:47:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame C245 43 B
246 B 93ms
7ms Image
image/gif 35.157.211.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59ae8acf7cdce04271395139&s=true&pv=10.2.82&ifr=true&cb=0.08176703839059596&pt=o2unit&sid=ca853166-8274-492f-bbba-7920a9632671&r=https%3A%2F%2Fvnexpress.net%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.211.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-211-26.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:03 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E96C 37 KB
13 KB 11ms
8ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 03:35:03 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8CF9 37 KB
13 KB 19ms
17ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 03:35:03 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D488 37 KB
13 KB 19ms
18ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 03:35:03 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 91C4 337 KB
114 KB 33ms
8ms Script
application/x-javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639363623.dop221.fr8.t,1639363623.cds004.fr8.shn,1639363623.cds004.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6192 14 KB
5 KB 32ms
6ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159970
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=36737
expires: Mon, 13 Dec 2021 12:59:20 GMT
date: Mon, 13 Dec 2021 02:47:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1A54 281 B
554 B 19ms
8ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Dec 2021 02:47:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 get
choices.trustarc.com/ Frame 5A80 287 B
629 B 12ms
12ms Image
image/png 13.224.96.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-2.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Nov 2021 06:27:51 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
server: nginx
age: 2060352
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
content-length: 287
x-amz-cf-id: IzKYVkF-FG-4nEgwEC8RMdqoV-1BlxIZkLkvNMo15xKtuxq-MQJMGg==
expires: Sun, 19 Dec 2021 06:27:51 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3C71 281 B
554 B 8ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Dec 2021 02:47:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4212 14 KB
5 KB 8ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159941
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=36737
expires: Mon, 13 Dec 2021 12:59:20 GMT
date: Mon, 13 Dec 2021 02:47:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 40F3 52 KB
17 KB 36ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 12 Dec 2021 02:31:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 13 Dec 2021 02:47:03 GMT
Age: 920
X-Served-By: cache-lga21961-LGA, cache-fra19177-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1147
X-Timer: S1639363624.923717,VS0,VE0
Vary: Accept-Encoding

GET

generic
sync.ipredictive.com/d/sync/cookie/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEK3LK48L7IGVfJg_5eCiiDc&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=9a0d967a-c2dd-49fd-b870-fdc8844ec57c
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=938033878257425291
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=93e361b6-b428-4200-a0df-858ad6633836&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yba0JwALfr-rIgAz&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2093463165018036868
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AA0CBE7DbWgAAEzqjHsDFQ&gdpr=0
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=8775667080933379760
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D
https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2304492&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D

0
0

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 91C4 25 KB
25 KB 7ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1639363623921
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:03 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639363623.dop012.fr8.t,1639363623.cds012.fr8.shn,1639363623.cds012.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjllYjIxNTQ4ZDhmZDQxYTNmMzE4OTZiN2NkZjgxMzg=&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEK3LK48L7IGVfJg_5eCiiDc&google_cver=1&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=9a0d967a-c2dd-49fd-b870-fdc8844ec57c
https://pr-bh.ybp.yahoo.com/sync/stickyads/69eb21548d8fd41a3f31896b7cdf8138?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-M3u38XxE2oMiUiJnb49o8phV3Q00ZdzsLgmF7x0L~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=40bc61b6-b428-4900-a369-bc1c52663bee&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=5VlsAzkk1MWBmM5&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2093463165018036868
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAvgzU7DbWgAAExgjHsDFQ&gdpr=0
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3011341032875855536
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=9847874&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=f55f25be-5bbe-11ec-ab9e-c11f7817a48e

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 91C4 59 B
611 B 18ms
18ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept: application/xml, text/xml
Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:03 GMT
Server: nginx
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 59
x-sticky-vk: 1639363623251054-340
Expires: Mon, 13 Dec 2021 02:47:03 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 91C4 67 B
719 B 74ms
74ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=9363622542&series=508416051442968553&_fw_gdpr_consent=&vav=023b36f0172fb30dc96dc2f29d978154&vaviv=ba0b447445c5d961eb8e7c0e4514cecf&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:04 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639363624239005-372
Expires: Mon, 13 Dec 2021 02:47:04 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ 133 KB
44 KB 51ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 323F191B2EF28804
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=40691
accept-ranges: bytes
content-length: 44266
x-amz-id-2: w1vBWHvJ9SRbTv6kBUzFv3+JSN3a/Rn6XLROBEKaUemhdjhQ2HcKwcNvnRLQiZ2qBEcwDFhSxhs=

GET
H/1.1

200
OK

0SzYvAqqJfH4Pvhp5l0RGQ== Show response
ads-eu.v.ssp.yahoo.com/a/h/ Frame C245
Redirect Chain

https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=9363622541&gdpr=1&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=168.119.25.199&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%2...
https://ads-eu.v.ssp.yahoo.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=9363622541&gdpr=1&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=168.119.25.199&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64...

249 B
528 B

459ms
419ms

XHR
text/xml

52.57.42.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=9363622541&gdpr=1&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=168.119.25.199&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&lat=48.35340&lon=11.54910&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400&a.y_rid=b39af99f-220a-4f25-bfb4-d1c63f9ceeb1&a.is_yahoo=3&redirect_y=dHM9MTYzOTM2MzYyNDAyMS42OTAxODY6YXBpZD1VUGYzNTBiN2M5LTViYmUtMTFlYy05MGM0LTA2NTBlYWFjYzBjMDpyZXF1ZXN0X2lkPWIzOWFmOTlmLTIyMGEtNGYyNS1iZmI0LWQxYzYzZjljZWViMQ==
Protocol: HTTP/1.1
Server: 52.57.42.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-42-190.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://vnexpress.net
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=9363622541&gdpr=1&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=168.119.25.199&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&lat=48.35340&lon=11.54910&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400&a.y_rid=b39af99f-220a-4f25-bfb4-d1c63f9ceeb1&a.is_yahoo=3&redirect_y=dHM9MTYzOTM2MzYyNDAyMS42OTAxODY6YXBpZD1VUGYzNTBiN2M5LTViYmUtMTFlYy05MGM0LTA2NTBlYWFjYzBjMDpyZXF1ZXN0X2lkPWIzOWFmOTlmLTIyMGEtNGYyNS1iZmI0LWQxYzYzZjljZWViMQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame C245 43 B
245 B 8ms
7ms Image
image/gif 35.157.211.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=ca853166-8274-492f-bbba-7920a9632671&vvuid=fb6e85cc-a4a5-4a90-8639-c48117871257&orgId=23089&plcid=1245982&vrid=50a23d37-3eeb-43c7-91dd-c4231e15f1c2&ab=0&dt=313&h=225&spaceid=793604934&w=400&cb=0.10581197903722361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.211.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-211-26.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Mon, 13 Dec 2021 02:47:04 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame C245 43 B
245 B 8ms
7ms Image
image/gif 35.157.211.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=ca853166-8274-492f-bbba-7920a9632671&vvuid=fb6e85cc-a4a5-4a90-8639-c48117871257&orgId=23089&plcid=1245982&vrid=50a23d37-3eeb-43c7-91dd-c4231e15f1c2&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.2767369892459244
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.211.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-211-26.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Mon, 13 Dec 2021 02:47:04 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame C245 43 B
245 B 8ms
8ms Image
image/gif 35.157.211.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=ca853166-8274-492f-bbba-7920a9632671&vvuid=fb6e85cc-a4a5-4a90-8639-c48117871257&orgId=23089&plcid=1245982&vrid=50a23d37-3eeb-43c7-91dd-c4231e15f1c2&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=225&cb=0.6571155739781409
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.211.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-211-26.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Mon, 13 Dec 2021 02:47:04 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A54 32 KB
10 KB 7ms
7ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23919
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9506
Expires: Mon, 13 Dec 2021 09:25:43 GMT

GET
H2 200 get
choices.trustarc.com/ Frame D8A5 287 B
627 B 13ms
12ms Image
image/png 13.224.96.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&w=728&h=90&c=tradedesk01cont1&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-2.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Nov 2021 06:27:51 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
server: nginx
age: 2060353
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
content-length: 287
x-amz-cf-id: oRD3lK3s3U6DSpsoSsIjuWGrEd3c1uDz3sQV7av4_SVqnLZ4we8uCw==
expires: Sun, 19 Dec 2021 06:27:51 GMT

GET
H2 200 get
choices.trustarc.com/ Frame D8A5 739 B
1 KB 13ms
12ms Image
image/png 13.224.96.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-2.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Sat, 13 Nov 2021 13:36:21 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
server: nginx
age: 2553043
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
content-length: 739
x-amz-cf-id: rzDtdSIMoDdES3sxfuh9aqWa7XcLZDBmFGC5msN0Q3q7lm1KO5KKfw==
expires: Mon, 13 Dec 2021 13:36:21 GMT

GET
H2 200 bad.js Show response
core.polyad.net/ 272 B
508 B 1021ms
175ms Script
application/x-javascript 111.65.248.227
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://core.polyad.net/bad.js
Requested by: Host: s.vnecdn.net
URL: https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.248.227 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: cache_polyad_hcm_249_10 /
Resource Hash: edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-proxy: 1377casthnfpdd10bf7c7468e873e79ba2ad242
date: Mon, 13 Dec 2021 02:47:05 GMT
content-encoding: gzip
last-modified: Thu, 14 Nov 2019 09:38:26 GMT
server: cache_polyad_hcm_249_10
etag: W/"72c42544cf9ad51:b5e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
x-status: HIT
expires: Tue, 14 Dec 2021 02:47:05 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame FE39 35 B
469 B 19ms
19ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2093463165018036868@@49556873,142536044486860950,100|1102|0|0|0|0|0|0|0||38|1|||||1|0|0|Z8-jqbOXeiFcPlakbYq96TyEi3zlnUED4FSD68j0ZGkUL6LXBGmQL4m3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad23.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad23.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3C71 32 KB
10 KB 64ms
64ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23919
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9506
Expires: Mon, 13 Dec 2021 09:25:43 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158804
https://image8.pubmatic.com/AdServer/ImgSync?p=158804&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUMxMTkxMkEtNTVDMy00Mjk2LTgyN0EtMUZFQUY5OTc3NDhF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
219 B

25ms
24ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Mon, 13 Dec 2021 02:47:04 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:396
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1639363624244&de=768221661852&d=174%3A-%3A-%3A-&bo=vnexpress.net&bd=vnexpress.net&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 02:47:04 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4010 26 KB
6 KB 386ms
385ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4221984902810595&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3016455354&sdk_apis=2%2C8&sid=E1B925BB-586B-42D3-96D2-DAF965E52C1F&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&eid=44725355%2C44726393%2C44750824&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624247&cookie=ID%3De67309d769fb5a1a%3AT%3D1639363621%3AS%3DALNI_MbEnTY2UeZlY7KVtuhbXhdj_GPRfg&scor=1694728331423712&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3379efa4cea32ff3c9033dd2ab287a2ca00f42eb39beefb6c327b58e980ab5a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F4D8 156 B
185 B 257ms
257ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fcygobel7047%2Fvast5cygobel&description_url=rushcrunch.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3711928694047722&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3094699003&sdk_apis=2%2C8&sid=E1B925BB-586B-42D3-96D2-DAF965E52C1F&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&eid=44725355%2C44726393%2C44750824&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624252&cookie=ID%3De67309d769fb5a1a%3AT%3D1639363621%3AS%3DALNI_MbEnTY2UeZlY7KVtuhbXhdj_GPRfg&scor=3439494064054562&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4043 156 B
523 B 184ms
183ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fcygobel8204%2Fvast5cygobel&description_url=missyusa.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1607157695274489&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1241381472&sdk_apis=2%2C8&sid=E1B925BB-586B-42D3-96D2-DAF965E52C1F&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&eid=44725355%2C44726393%2C44750824&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624261&cookie=ID%3De67309d769fb5a1a%3AT%3D1639363621%3AS%3DALNI_MbEnTY2UeZlY7KVtuhbXhdj_GPRfg&scor=4034197390653512&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 40F3 0
732 B 12ms
12ms Script
text/html 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:04 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c498f92c-b74a-4856-b065-16048a65e206
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 11FB 27 KB
6 KB 189ms
188ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107863627%2FANI-vnexpress.net-web&description_url=http%3A%2F%2Fvnexpress.net&tfcd=0&npa=0&sz=400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2246122251472646&nofb=1&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1797510506&sdk_apis=2%2C8&sid=CA530A1F-1E3A-415B-9988-1DF402E8F89C&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624500&cookie=ID%3De67309d769fb5a1a%3AT%3D1639363621%3AS%3DALNI_MbEnTY2UeZlY7KVtuhbXhdj_GPRfg&scor=1705285556700822&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

89908dd50e4166f14578ab45a538ad9c489e241fc3b597b79e3f6a9e0094fa2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame EDFD 26 KB
6 KB 369ms
368ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F170737076%2FVideo%2Faniview.com%2Fvnexpress.net&description_url=https%3A%2F%2Fvnexpress.net&env=vp&correlator=1609664610375071&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&max_ad_duration=30000&unviewed_position_start=1&cust_params=posA%3D4&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3944034456&sdk_apis=2%2C8&sid=CA530A1F-1E3A-415B-9988-1DF402E8F89C&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624510&cookie=ID%3De67309d769fb5a1a%3AT%3D1639363621%3AS%3DALNI_MbEnTY2UeZlY7KVtuhbXhdj_GPRfg&scor=3821421982723180&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f9e2f32ad9bd3d360b1804c9dd8c9e3e240bac97dd252524e14362ae7e3be62f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6384
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C91F 156 B
153 B 173ms
173ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21871596757%2FANI-vnexpress.net-Web&description_url=vnexpress.net&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3114652520260769&nofb=1&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2482110470&sdk_apis=2%2C8&sid=CA530A1F-1E3A-415B-9988-1DF402E8F89C&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624516&cookie=ID%3De67309d769fb5a1a%3AT%3D1639363621%3AS%3DALNI_MbEnTY2UeZlY7KVtuhbXhdj_GPRfg&scor=599760879619772&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie.php Show response
optimize.urekamedia.com/ Frame EE42 11 KB
4 KB 563ms
194ms Document
text/html 125.212.217.26
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=70163936362230&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Requested by: Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/optimizes.js?m=1874508&apnx_segment=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.26 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.20.1 / PHP/5.6.40
Resource Hash: ff2cda00f0d0aaf3deda0006dd21fc45b6a64533d501d8aa30f288d1d7c72eea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/

Response headers

Server: nginx/1.20.1
Date: Mon, 13 Dec 2021 02:47:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Cache-control: private

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame C245 43 B
245 B 7ms
7ms Image
image/gif 35.157.211.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=ca853166-8274-492f-bbba-7920a9632671&vvuid=fb6e85cc-a4a5-4a90-8639-c48117871257&orgId=23089&plcid=1245982&vrid=50a23d37-3eeb-43c7-91dd-c4231e15f1c2&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&aert=637&ar=no&fo=0&ft=0&h=225&cb=0.024988044296032852
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.211.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-211-26.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Mon, 13 Dec 2021 02:47:04 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4010 21 KB
13 KB 106ms
46ms XHR
text/xml 74.125.71.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CpZZPOYTIajUMKWiFwJJDUH6Jz-PUN-tXSiUbsP-NWFJRZ3TmD57xe9b3pX-1IhqMwyEziZ8d5_FX7JyNmXzDFKPhZ5A&dbm_d=AKAmf-D0rhIEV21L4O5M89_lbMnu6i7VLHyd5y-ZRFGgvG47KbxU6qIP_GuaaXJm1nj-NdL1Bj7fx1aYu3M26yDWN3GIrPdJqnhvAFZLaBkPwbysWG1sIz1rwma3TvAZnPfV5rwyqTNdJoYVdfArhDWqL01GjxRS8u3zPGdA3sracplsnXnEGQ3rTENbR2GAQuRzBrnSa70btlXMFIwmF41lCIgqohmHesfbAjuPhxBqOFcYSZDMNs5vn8B0090NjW4JAhgb2SSeBAdtb7UqdViuztdaaflK5Hc20MMQMafxh027K2N2wsHdAmx6NGRRxLTevbjny5yM7ggdzuljzbfvDL_AUQ8fpuVhviJHe8stujZcOPF2L15vtxXnKbqaa39smy8YwDMcOPXnvf0wZZcVdierxeye8JbEkejlV0qHRb2xzsmixlTEU8PjWsFgzzuIaocFDRF95Nd8YM7oP6tTuqcOkBx7_kZs4K9QdvaJ9yBMQW6USZ4QlmgZSMMRxVH-tTyn7E5q78KDWxc0QKpF0kfmUQfc1IA4U8PlRcqIVw3zJAsdSp9Dw_q4uGpAMaJzvGeujdI84VPn2AwTu-C-6sIctKXLb8NPJtyEKNMZVHSFRv0WVrQYmCbWOpPeEqYQuDRJRmUYahKszfdmtv6yLR_YT5OrSNF1UcpMGKgpTbyOQjBDymoanU8WZGvrOgSXb09TwrMwqGxxSITU0A-CerXhP0fa90jBCpl4kHbhkodv-KbDdxgY1FP3tbm7PIA5dmPdXxJ4n7k2fsbl1jso26IXwrqXTjiEYFV-lf2kVN9mexvRUkJMkMfwu6kFgidEUNhTJ4rKLGxV57Ss7f9eq82MaZ5ou8T2RsO90jyoE_xKVnckWm5_2W8lEfhRr7fbz6ViBYHepX8xSOTyFkOZqYp7MT3ggpp2msBmBNyrPYl5PexsdcC4h9rkK5aEX70jkiN6OGtMx3WUr8WdkT-y2C_F5G60NuPBD9UWY296pzAMgRTxG3pQNzHYD2sSlUMkPvyBTgYCg6Pe1ujARxZbsJjOSXWoO9oX8zrfgxyW0i1uozt8HQp_qfh7BsYe2Q7lXGDLK-bI3IW9U4PHPzcgrZLoyHltN5ZDBXUwVmTmgd6v47utpDpKImvdfcQ-L6GBZyo1bROqulQfDwyttP_n7udO_LxY28fRZSlT-ae9c2wxjb5pPNe_GlHNV0G9b1jMcpB07T-rQCIStkhWEbD3rzW7XC2BND798oPe69CA53g8ofXLu4hU_XIv-hf4J3FBhpM4UxKc07UNg8Y1JAehD7xUqseNit0Olas0EvyTsQnjygu-pOnBoL7DuO3RvHWz9Syv6ccWbrWIqBya80KUC1BpDD3KAx1IssRpf7dt9ZeziAFqJGWjBOx9ruNLHwoZd4h5yN-Glhxxp1cb0F1sJz7MrdEMlfORPCtuX4oQozpQS5Kxi2uW-R0FejplOtuv-0E7WMp8oUweC6la6MZMVMZNcYTvhGqnXFl8ID-wOL5hu3wKM2buaESavNVAzNQLQi2PTKlZcPP3d1XybOJJWGbOwgW0Vsocp-32KXZE3MftmTggSx4SBdQwDjP9APmjfkSqw4qQhDkA_OC1ChexsP5OdCnlzmgXKaBqmxbmGms0-XnEl7ZO9tAUSh8Ym5DP2LMlflItospNSa59ELDYgjRz03-jLvGAZioid6xhFp8SBRApXKlyIibzS_dNNH622fGxNA-hVD7QHDcl1IesekLiqcs2Toc1qsTHyb5LXgpph-4B-OUAtV-EQmkTwlmlATKA1bXw2JDLAnPi53EzCIZkybiHQtB38SnbeD1HesW4kP05rizY6k_IS4qHTyW9zIEb2DwU2qFgLN_WR33Mjap7aGDYzJ8w4zUkoyk3zYrJxdStgGL7jYIOABqnB-1PeJMsUet4rq75ikSimaDZGUPZALrap44qrwLAVynrEsqxIs0Qf0pk1bB1EFXseTzJyQ9cnfQGTVfWAKWttLKfVhHI2pDcleN3dmdGkNgAyjdlbop5Rpf7Pz6enIYbmfg-0dP3QQza2TeVL5f-2s82weeSLxN1C4ladLLNySAMEBD7X1fcVV2Jfqd7fyE3ggcNMhcmjVISdqRxLyKFTPU_nrVIeIKHXGkzGsf9iHe3qQb5mj0K6YiTdE__8ZW8ysZl3ZX5FM2gsLFksD8NNfOPdkpKr49Uip6Hr_OnAiP8RJatossqKJujJzOS4ibIvX52Fbvzf7w8yMl_7i4ehqZpniGiX6C4pcNPMhhuqjbIHkmOHPKYwAvnkpJJLaIH8FuUSxmaNIu2xgqNocs0AG7jxAnb4g2JUaG1nLW5be6-3EFLakUgrz0YfnhFLMdJJLDm0h-jj7s_lsAbMyUWAfbaBno8yduCDyGYUDQSu1j4AcNDHvVlmtbzGn4RHv-vD4O01Xn4by-gopFfWcw-D5h2OhbUsZn-Cd-Ev95-8mhWgDUS-4Ll11ECMdn7vUcvB0f_pS6O3kOLxGJzMWFHWx9GV1RrFN0szTVzVGR-aBQ9G5ZYop1C-Czz_ycEOM29WRWJUmvua2ZRJhR1Iv4z1PSg6E2u8wkIBdQmmYEtalmEKk2_XNc8bdmACMSU8Asgnu7iJQ224ifUBFrWQcjAZboXJjwoIgCuziM81uE7oclFMErRcHC2wyeNMu8Dx17hpNTdG6VMPj54QGEb2LSLBRyw9aqLVaYHv1OoU0W6iCGngPcxwZ10Xkl4jN-EokNXSVJhr5NBWJbom_3rBrdK0wWbjgz2T036q758SuXmVoj84UfYlaoeoCtRTcc5ZOuITqhQf_J3fePmSF9JpIuAj4CbHiXmzdH62hRZRiTJYGP-l8MsGfI3vXX4anJeZc2VtKd32rHC5PqyTPXkRFTiZr4Dhj-hCu613fIAWwNErsRyYAbxaur59lTQmgIMzGBx3xTbq8H5KXsdT7IIXDUl2etJYzIZUfkiWi2LADJTdKF4TcOIvcy1H64&cid=CAASEuRo-A11PAyavN_pZPf1MTtf3g&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3016455354&sdk_apis=2%2C8&sid=E1B925BB-586B-42D3-96D2-DAF965E52C1F&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&eid=44725355%2C44726393%2C44750824&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624661&ged=ve4_td3_tt1_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f155.1e100.net

Software

cafe /

Resource Hash

33d0a4921bc88eea163222527f8d9baf4efe21f32200f52df483f498afff9703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13050
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 11FB 20 KB
13 KB 41ms
41ms XHR
text/xml 74.125.71.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AxJCWec35nPyONjhhv_PSbLNWQ_dcOwqDKW3noMYWkuhSrV8FHvIUVve2hvFLEjD3RzHFQ03YXga-J2IMHD8u45K-_2g&dbm_d=AKAmf-C9WjB0WbbB-3qglJBhR35OwDsxiERzfPGpWOT918XhAF99VeEqEGV6yNF_UpUwwRaNnrkIc4nbQ021y94LNh8e0XrNrskElVlAmj7WHnpWapaILWY5D-DKup-63ND28Kxj0AFezZ2XvC6-oTBeQxCmJgNwBWH7YGb0NjaEPmyJpRNRr1emQYlLPF4LyOEobX5RMJMyXd2b1-2Bi4cgxzpBr5jo7vBPX9bioeoWyQPrO5OxPqAtWzGyhUFLAMExVP4fi3js7BUj14n3D6Oc-UvZ5xq2d8wwdrrWA7jGHDWumbyq6NqlXRzmSpjKlh4q6OQEISdi9DWL9bjqHOTs21qrMIrNQx5ldhGDlYJ67DoemlrkVHEdlQUnlNOIK7NVp3CpvKOLy-R2ERtnvDzAbX0Z70HXnFXCKFyaZeZXmbUXK_LqcstZcX0jRtcOiSPmLmxvDoMJ_IYILM-vg9vwtIiuRLIrhxKlMTL4KmjJqBLQh-bdQ48zrEzah8WWZZXbTobg3Mp6u7NDFXqUocM85xBOEsMhQduFBE88cdnkFoFpBZPUvjF6MSmTFEmdkCYZGY1xQDCLuuv_cAGifPyqCatxUHkuWRBEmkKjQ1NSyWvW4ttz2PBNjHBR1N2EGBH_LB6CGx1o8LXe9yG1nnWYt4eaL4H-3LXe7uyNVyOMRm4RIrHEUW1R01y9MwjElYaz2_Xhtfi7OQZZixRrtCVt4wQ9nSJ8DCDZ4rA8y4lKj0FODbAtUt-c2AViTrZ4z13CSXzb1tcVmy9clrQbiwb-9V5JKNAYXo5Hf-8888a3GcjTB_Eo3M4sx5plysWAyZ3MpeDg1cZg0Xcds_GKdBypez5Yu7Lff0ldbXYDufo97I4lplkfhOyRvwM_zu5PJ4lnyFwAUek9tl9gIlHNSMYiqsHRJ3rItnimBkhtJZFP8Dou521ZNGmYzhA1RSYPDup26Emw81DcEcikDg-9V9z6fsy7V2_zJ4AFgBukdOK2PeZyM4e8iN6E4a0q-RDD23tVk8m8IcGxSfq3wlLoiPe21E9D4a_DvESiHaul7jXp6AmAh39Llz42O129AEPgt4JnoZt2-uQj78qr2xVvcUu2niTEaB6ctrdxWzKnGopeFXt3daKZ1X6sYfAqCE46PCc5okK5akXzg3QHr3L45B8MMdyX5zir5Kl3a_cgDwohmMnjDRwz0HGjxQttXTozdnUi6qT0myPe4gFE39wZWNpF2PCoqbCzg7eAz9cu-BMD8k9Eb4IhfD_cJ_8ZgSpn7R_GIiVsE8o51PHoPhEzanmVNmlKpA-wW-QJ6oAj485uQbmWACPkttXpoeKSXrrDkWc7IIX-Pr-KfDPzYibd3r-HaGal4z3voL-8bGT8yJpNx5f5xiq5o8vJVX55DzuOhXOTrN0K4BoKDYI57BlMNMvL2rVUW58ucqfirc-5a0q_G4-ypodmQoihNDjJltd_Zi4Qot9OgfmYfRuvZuUZsjKrHunVeNfNIpNJa4nHD9yFUf7ZfcSerS2yQzyggzA1pMQt5UTHSx6EJUnrzuni12sJLV66szAEjAyzZOeTBhz9RZ_Ume3dEtJB-veMukcnutBPDdZfn3Sgt03ByTKeaY7-9AknEU9f1qUNBJcJplnoc6zTfdCKUrFNHQE4w4RtKZouHq__lQhuXIdcqf7OUW3VcR3Kukc6ST9wJhQeXtCTJSCbPU8aDD_kba5CiKXM2LZ1qBM-hI0o90X68Ui92Kekw9HewU7xzDtyPZGD-5TRElvTCGFstrIzI_wY9wwT2_8MPjs31a7WRpNMtWfy6X_1RAAqz-jWJfwfOAvw6Ayceb0lvsIR1s3v9FlyfOEAVnkXhzKI1CqvAjV2UHD_wPfLqG9xWRSINqmPy5VPkg78IkWCObU4PdlFacQGGmvidf_Alnt3RyrFXHPrX35kgpiCPfVe7L4NvsezQQoA08RC78YSDVZurbkMvgK7fqpEXn7zi8B2LIHdFAlVMF8P-njvfc9iMMr6xvaHwTmrITOmZpjnKkriqcx7pCNrfVB6ASkujAgIYtfrsSqOPqRMrFudZ9JAJE61Oyd_16_yNUsgZKmeqFuDL-SA9Put3GuHYg96oTb_xF_zI5EPpWNAjnjWF7dAlmbjNsFzPDDbWn-F7NUT2wSZJt45eAXHl9msX1s7v5HvfnjwEJdGfrPVWlZJh6ZePOJgAs6HQwzSQmYU9dg6opgM0ksg4AqMH4II5sAinTRTfOELMlUimoyejLidPR-sLerYpFoMzIdzzgHqmD8SJ1EWhWUMjp4Z4KB7uWnyNm5vNPEoj_0AdydCmAdtgrEtTY3DfHvJsos99Wb7_aNOmZLZ-KjY-8_o3yA3XXC01YkbbfPsxCDLG2GiiPx3mywFGSN46iAxq1bPVCGiZKTDpIKcddbZiIZbyBI1u79FxNTISW-Nu3bXlDlA2tIbVuWV8DaRO9Cru3GwEGEnt1t9KJudRgDLLRZnsafznmLJmYvnqXWqsBeytVEtwO3qHCdLl1KYBaqpgwLr2gXW03XPqW7EtjHjfy8j57qSzgoYEB_G1tJIaNyKsBvhIu78JKt1AVIodC4c20UQwL5BMh_mpnKz9e_QD5FXPEoejvoTktPfLE4-DfWvoSuAlKR1WG51SvnNlSG17MOgvneVDAn9BGNdqDniKapEc7X9tcTFkdIx2GeulilrFRCDIKOeUqSU-8K-ktPhjPu0gk9s3qrORpaP3JTxEeV1BppaJuK4pdSZgoL5cNDGpKVHtnAaNWmlJlGz3P-w9gAo7-0x3ux2LCRJFw6bRIHy0UftOvTP13Rn-uZv18sVEHuKD7IpIQyeEygYkgwusU4XVRwZwTuOToaQIOIlfct-RoOOVfHxKNHanuZavNU9Ww_E42BhexEi9lwJEzHw37GcF8sUbVsCz-8SgskScTft--bBL9G47eEmupeoUS4hGeAKtRNiMPhtX9HZlIra7sOVV0paqV366MASsMLB8Pbg83gqYFC6XxPN7HMwroLTxSK4AHET8hMcVhjYhQ&cid=CAASEuRojpzyxazchhKZ98WJtWogBQ&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1797510506&sdk_apis=2%2C8&sid=CA530A1F-1E3A-415B-9988-1DF402E8F89C&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624728&ged=ve4_td3_tt1_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f155.1e100.net

Software

cafe /

Resource Hash

664ce4c687ca727ce1264ae7cea7e535d4c90830e554ad899ac76d013630bc9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12765
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 53504714 Show response
unified.adsafeprotected.com/v2/674773/ Frame 4010 23 KB
6 KB 170ms
54ms XHR
text/xml 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/674773/53504714?omidPartner=-1&apiframeworks=2,8&bundleId=[BUNDLEID]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N1224241.150290INVITEMEDIA/B25129528.291797966%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.491.0%3Bdc_osd%3D2%3Bdc_frm%3D0%3Bdc_adk%3D3016455354%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://vnexpress.net/%3Bdc_vast%3D4%3Bnel%3D1%3Fves%3DdGltZXN0YW1wOiAxNjM5MzYzNjI0NzU1CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzczZFbFJDWUJyRmpXeDZUQU13b3VLcEdDQlQ4U0luU3NwOUg3WVJSbVRCNG03dVhYRUQ4M3F0a25kUXRBRnpIZFZvNnUyTmo0el9Kd25fUC0tb1c5WWRta1BpZHZuNlAwSV9jSWtaUEFJRkdLa1g5ZmtTWFlnaGpQekYzT0RfRWRBVmdINkVfU21DVlpuRzRROE5UUVdiTUxOZ0pmZlRnTFd1aEVpSEVxSmxVUWtURlN2SFNOcWtjbGctdGdmcjJ6S25lUnR3VXB3eXB4QlVDa1NUY0t6Y3dsWVU5Ykl5dV8wT01zZkYxVjQxRHc1RVZOdW5RbUp2cGxCNmpOMmhVTGE2QmFOdmlReXNVWmJiNE1sOEtEamEyUGotLUFkNTEta0tFUkpVZnV6aGZteFgzWmZraV9wbl9WR0RybXZJTFJYMklGYlBSZWJ0MTBCbWpNR21JSkZPd1JiR0t3My1JMEpRU3lEOUl1NnBwRXNURUFXc0E5d1RlcDBEMkEySkVfZUtKZGZKdWstQ1dYa1g1MUhNZEZzSzZPOUFaY2tJeTVKdDZ2X1h2cFBkWHZBWnNCRVBXUENrSHBmUWJKbjJGbGtDUU9CVFh4ZGtqUzM3aDZFajJGbUZvbWZjb0M0TXdvZEFEc3h2bENYRW1FNEhDbDZzVUlON2xWMkN6ZGZYUXRERUJwcGg1VERDTWV5aFZoQWRnMTdlalZla3VOTlFKOGUwSV81VXlvMkp2T3RxTldUMkc4dFpSbFNCOFFUam9YalFwOXhSTW82ZmpzQlVURmdmbGFjdTBEWlBib0VNQnpDbGJYSUFEQ1BENFR5VUxvMk1DS3BkeGsyckRsWTVKOGkzRWFSWWkxMlVCUGxLbVB5Z0lySzJ0QVQ0Xy1wV2xsVGsyUG9VelgwMGJsQk5lRF9fTkE1OWc0WW0xdlh0d0xQTk5lQkdZcThNZ2VkTFh5bWR4WUNRNU42d0JZNTRXdFN6dDF2SGJuMlh5WXRKc1NrdkpERFBsU0ZOT29XZFpLcHlCd05mYkRHNG9BdGtpTVlIdnVBWWQwUFl1dWxCalM1VGdwUDNiR0NERkZ3cnBmcUJjMnNPNUtGZ2FFdVVGX2pzY1NYYW9KUmF4NlZGc1JuTHlXeVZFaTJyQkpJeXR2VW16azFyalVWV0pPWWtxZUJNUFNpTy03eG9jVGk3TU5KUHlZaVN5QTBZdS14OWFsalNnWUZRYWhIbFJaYUNWc2hRQ3BXMXhRN0wzNUViVnJWXzNKZFJKZUdiNXBDbHJhYTF4bm1vbV9fQUJ3UVk4dHlhS3dlSm5tRk9mMm43cmx6eVFEc2NTVndhMmptcjdsYWxvSHZYMnczSnR6eWczS2tUQ2hvbVRYdXhmS21VRkUxY2lOeHlPTEdvT3ZscEtEcHFFRGl5eVc0bnlrZzk3SHlQWXFpWC1rY2t2TV9URWdaeDlnTmxWTjF1dVVhRkozS0hHX3c0Y240bWJydXVqeXJrTTh0Zi14WFJ2aWllUFpkbGRabzdoQV84OVBwcjZWNHN6WjRJRDZMNSZzYWk9QU1mbC1ZUW4wYkMwbUlGdDBEWFBvbU4xUjNjMk13Tl9LNUhTeThDSmVob2dUMjB3N0E1dXMwRmd0N3F3eEo3R2FzbTRUTGE2enUwenJ0QWx1RWkwbmhtSW9mdXN1aFFDbmRnOFdnNVlzT0MzWVZOWldNMWkwUG1WUkt0cExHYXNmSzdkX2JMdENNSUdqX3BqbW1jcS1CS2thQV9iWUp0dGNFWTNjRDU3cnVJVyZzaWc9Q2cwQXJLSlN6UDJQQlgyUDZDZThFQUUmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmliZXJvZ2FzdC5kZS9wcm9kdWt0ZS9pYmVyb2dhc3QtYWR2YW5jZSUzRiUyNnV0bV9zb3VyY2UlM0RkYm0lMjZ1dG1fbWVkaXVtJTNEdmlkZW8lMjZ1dG1fY2FtcGFpZ24lM0RpYmVyb2dhc3Rfb2x2JTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%26dc_cid%3D161128267%26dc_adid%3D485067232
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ce71ac1632c662d73bcd4da3aad1c325078efa0d5a98314ecacae5e78d5a1ebb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:04 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 5281

GET
H/1.1 200
OK 53504714 Show response
unified.adsafeprotected.com/v2/674773/ Frame 11FB 20 KB
4 KB 171ms
55ms XHR
text/xml 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/674773/53504714?omidPartner=-1&apiframeworks=2,8&bundleId=[BUNDLEID]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N1224241.150290INVITEMEDIA/B25129528.291797966%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.491.0%3Bdc_osd%3D2%3Bdc_frm%3D0%3Bdc_adk%3D1797510506%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://vnexpress.net/%3Bdc_vast%3D4%3Bnel%3D1%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5MzYzNjI0NzU4Cg%3Bdc_cid%3D161128267%3Bdc_adid%3D485067232%3Bdc_vpaid%3D0%3B
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0337c1c5938482b38354b1163d0fb97e00cdd1b8992090526b15a4f1e5012103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:04 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4043

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame EDFD 20 KB
12 KB 54ms
39ms XHR
text/xml 74.125.71.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AdngqgKsNWhQhrVXeA94iN2cdO3r6KUlqQn3GNHAFpl3WKJaZDgfUAql886CVNBGPeLVEVoposSKtboxZ3NT17dx0Icg&dbm_d=AKAmf-CPjRME3dD9VEatngMskFk9UHuwmOnbsgKCoQ5hM0iiMRMARAOJUnGf0Qb5jZi8-YOvSCYKynqWwqoAuETNDL3LgLyt4HFpGI_q72VTybMUIq8SXe738AcPeBqqw1eCKNg0PC3QlXv9He8a6furKSYgqnQEDoTCGUYwz5aOi4A_ii7wR5CmUj3AcQk3OmQv0KR34mcsSV_fwkkzlAb00mlBKuUyGL9VTOvsIb0G58j57xdTj-6j7TnkIkFpSxP9nBmMDuc6B3VceaSM-l3w3-CdlHwh9Sey41bnyr5LkfSUURZeA1WbXfmX1jCfSrdKWzB7chBLgYODCW7vDM0PbQEjTh3UP2LsZL6SFtOUZwsXTc-2piJS0GrUyfRcDt8SNf8rgBPna2J03DNZd2L1_bSSlUGrtSXhymQ9poIdeOgZBLRWLcg5qINpAj5TjIJZ6MywvE8oM4elx_zOKpqhwMNUPUjoJS4yb9Xd-xMEk8J7C2NqUtt7u-MpHC2tAt3iBEHpivfddKfgjchDk1hoYMjk4fvyeyR3prCDUu-nESavBITpirdK8zdBcTSGq7H2Ka2gJgev998eXVVysFNF0QVeXMKuNNr_7eEruEivVX_hd87hzfK6gkByBYTCTcXi9djuKUhq1NllsWR5BBF07QXQSGfFX_NP56tRvZuXtvErt-_bPcvHqUqf8UxRt8Sxk722Ep7zHrqkp8TlspOHrdO6M8ocqlj2b3DU_L_Kq1XNcy9ZFa-9hNEeVu748yM_fPFNRXWMz_udQfmHVRF21pYApI0PKmMizrJZ-S_m0Ba67cSXOIrYFZypyNqOnDpcrHPE3q_TQl3BbnLdamhNINbzKbIqY6a53uw1WxlPkq_N722Xh3Jk0ChVkMn7zVYdGicItw8APIVXssVm1jYED34gYKIbhWhK_K6VPPcULQN7H4J3k66jg5_mhmfJUAi0X2A69xEe-IAoeNdTM7rDSZzLckoPVLdQKiSZXWU1EZDRjOXOp9BhbYYvL6mlRT4hNLSzZzIvNZRG2_mYhAcNN4_gz7gaop9M7xV0xaf5eCIwkm7JSnrXfN8BVi7glHATt9MFmgfWGuC4Anwz31OaKOBvLJhUvndgKRMGpRSzXgPJDgtEQ5X7nz3XjUHsC08A9gO_6-AKuH7LQYAbz_vt1Ef_VQTSf2DeNoGS0I5Jo4IJpg7pTHx9XUucVyurO_QxCw9GgJWtAzjKeDDjVvZgaQUbFBTcv6FzNzH0kpP6OOjzXR88d-mrX82ex6mg5UBvlgQRT_iCEnS3-LGiE51rSd7a5-Os9mRhA70YkC8IgYS0GI2wHaATKuA4qxx3Dh-8TYr376nJx19eK2jS7Gc0PC07yFRPOZmrvH36gUfaF3HMpwhHTrTJwhCfkaF7C5_EXDGkzC3KuTF3ApKz5NuhdC3YoIlzFoa4IuZUEEErHzGcobtqhNnnsT6FMY8Of-c4mgvLjmqD6qJFkuvkoADNlKTj0-VAQfB6FD4SaV6iyRWItI9_Xj-Zb4MZBAOZlJEo-zAngYzN9WOIRVoN_a-SX7ZcK_pNIWU3npDGhQh19iolhLD8LJeHoZt4Z2uF3v5hcnCnsaXE0uiFdoxAkpX-93KM774Ym6PJ0bSURXO0PjUoGsGy5_05SmclAc2PxClZaF6yrrnaUG7if_DTTFcXniNqJ4tm0A_4IH1t5tOAKUwao49PwP3_OQl07dskny4ec6LyOG01kg8YpJFp6QHPQjOTfvzVU3IwYOh6ceH5qcwoEthqCIJtlyiTbtc6QNySO1DC1NSsrenK4ouh-S18nVt4xxckJqHE78YlN-UAC1MPwOFXnR9tHptHIU55pRvpyJdNGgOMTUj2xMhP8SYft8Idiz-zQnS96d07kqX2fXX8ipvB8aIh6d0FSD2reG1Zffp4bnVSynd_ZE0lisZHTykacFFIJkOqphnIs1ibUqFJyKGVe8SC03CYuqAlaOnuwnAimZmtfhSr3-O43sYyaVToiBJfwinfrXjNzpt0Pz1PNQCOf80X_qPwWG7cXXVWrKqebbbRFPt-vE04I68Ui9-Otq39IAgAz1EVUHn47iLZKU8GVwNWB2wz5Homuh67ZwD8tMQVxc8pxt8qtX73FPzzhRPOX0l2mMXy7KZw_29TgfR-WtJX_dprUdzch61Fo4znYHDRMP3Y3-ia3KyDE_KPjeJQQNliBlYga2uMH_hJgtxs9uOAskkaGdBBG-z9N1_8e_73nVjdzte1YQvfSZl3Ni0T4cJQdrBvqrmsTJwSUHNUUqBYeRTl-UOSUFAiD_1H_kMSH6KQevJVKMxhedb2llF_8-GAOA-dI-QK_xnZ-18If1cjjugZyNrOXYo_s1_ZTjUaGPFS1nN0uVWS-puMZw-TWbrg-kFohrO_xtZnTrNzkSsIojdfx-6-Ror1lpVYmkIhyC4mA7rwll36TyWhL7HIFeZMj2pAXq_dGmXl0yKoVqP6vHRwt1oPIVHJDk3h0cJjtzG6fVrTi15Y-oEZmqwwKPpxCx_vDvlcXpLcrk_OvaboHETnXw1YPdywQTnjyoF47v8221z3kS2ptZAAi42IIxYWUQ5b7nMhMHGNRikAY65RKAfRiyeskoaAji5-BakQRZxgVEPJ42dOWxmK5wbG2L_DCH944bOINvQ7hxQqt3UX6Ul4KYf0eTXn_pFGqqWDGUcOknVx_zkcO9kE95Fy9LR2jlI8B_u1CpMdYehvtSSLnzwqbAh5aARHLTeTfglGfOzttDeGHWzaOZxFmqb3q3V_tStZ7Z6qiSnX3Pf-AMy0rpUJJH1eCII25BW68MgPyJw2VfgzQq0tyRvB5TX8IjBbzTXhgw0FHqrI4ppKBNFYw7OjvLOxbbdf7nCnIeQG&cid=CAASEuRouCZCidsZCSOAayoFyhuBgA&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3944034456&sdk_apis=2%2C8&sid=CA530A1F-1E3A-415B-9988-1DF402E8F89C&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY1fK-jdsvRQAAAAA%3D&nel=1&url=https%3A%2F%2Fvnexpress.net%2F&dt=1639363624926&ged=ve4_td3_tt1_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.71.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f155.1e100.net

Software

cafe /

Resource Hash

428c87beaf264c0c882275b523456e71cc6804a22b21a81a4da3f140c678146a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12588
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 581 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 53504714 Show response
unified.adsafeprotected.com/v2/674773/ Frame EDFD 20 KB
4 KB 55ms
55ms XHR
text/xml 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/674773/53504714?omidPartner=-1&apiframeworks=2,8&bundleId=[BUNDLEID]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N1224241.150290INVITEMEDIA/B25129528.291797966%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.491.0%3Bdc_osd%3D2%3Bdc_frm%3D0%3Bdc_adk%3D3944034456%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://vnexpress.net/%3Bdc_vast%3D4%3Bnel%3D1%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5MzYzNjI0OTcwCg%3Bdc_cid%3D161128267%3Bdc_adid%3D485067232%3Bdc_vpaid%3D0%3B
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 58d7fee27e924a01b7fce18d3e7f9fe790eda5980569808041d635886d1d09ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4049

POST
H2 204 csi
csi.gstatic.com/ Frame 11FB 0
327 B 328ms
105ms Ping
image/gif 2607:f8b0:400c:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kx42rw6a&c=3354042720433&slotId=1677021360216.5&qqid=CM-b_rPh3_QCFbEViwod5j0A-A&gqid=KLS2YdmgH5KgrATIq5B4&fb=ima_html5-lima&sdkv=h.3.491.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&vmfc=19&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11FB 42 B
108 B 41ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11FB 42 B
536 B 36ms
17ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 11FB 0
0 47ms
47ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C0uEjKLS2Yc_nILGrrATm-4DAD438rMxi4bXE4M8Np-uivcABEAEg7YPjTWCV0oiCmAfIAQWpArkqj33C_LI-qAMBmAQAqgT0AU_QognJordff1VUAIced0py0MEccfMfkeOKCJsbj0A-RUfk53w2aGyZ1qAgeZBTxUnPrkz78EEQ2S3qQGCYA06hzbsuI7KSKyjxLwVEWA-plkJ87b4e5JHiyLBwRr57048y_Dhqcd1Ze-mkeGkCxN8QB7OSiygcaIbk38kDQb4vvBtWxvOxR9Az5ahXLiFoz5R2e1XODAPzttve5_dXxrA-trcx0DbgR8hrPuceAnVUq8g9qMm7oRvZCaAuq4NVgziE2hwNKxzGxL5IMYZsiBNHQCfAwwYJhkHInbnT0d0zOAY9MfCRxhznRbnf-gU3i8mOZ0zABKah4qa8A-AEA4gFjqjxpi-SBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4LJgrYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwsQ_svQAhic4YWaAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzg4MTY2NDA1OTA2MTAwNIAKA8gLAbATxuWZDcgTqbWpCdATANgTA4gUA9gUAdAVAYAXAbIXHgocCAASFHB1Yi04MjY4NjE4OTk5MDM1NjU4GLvzIA&sigh=CqmDtoUVa90&cmd=Ch1jYS12aWRlby1wdWItODI2ODYxODk5OTAzNTY1OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSPACNIrLM10y-QfXEG50ocI0M9kkdca6_OMlyjtmN-sTfwgphGsLAW09FnxwkbjEuwoA2XE_fdTzq_oiikA&vt=10&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNA0wEKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0AyCl8IARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAuQFSHiUAAJhBKAE6CzE2MTEyODI2Ny0xQgRHRENNUABgARgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 34C0 52 KB
18 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e147d896ebd3583cddf601abd3e48546c343a06cffb3c3eaff9de4ee57db63d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18588
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 17:49:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Mon, 13 Dec 2021 02:57:15 GMT

GET
H2 200 fp.min.js Show response
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ Frame EE42 31 KB
13 KB 49ms
30ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js

Requested by

Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=70163936362230&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a315420550b792ed0451e0f09aa3947707368048f866861d9d0714884181e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://optimize.urekamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21517
x-jsd-version: 3.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19136-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"7af6-z1vukt764U2qjewzD0xb1z/VEEU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6bcbdda15b414e44-FRA

GET
H/1.1

200
OK

data-apnx
optimize.urekamedia.com/ Frame EE42
Redirect Chain

https://ib.adnxs.com/getuid?https://optimize.urekamedia.com/data-apnx?user_id=$UID&uid=70163936362230&url=https://vnexpress.net/
https://optimize.urekamedia.com/data-apnx?user_id=938033878257425291&uid=70163936362230&url=https://vnexpress.net/

95 B
371 B

613ms
225ms

Image
image/png

125.212.217.26
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.urekamedia.com/data-apnx?user_id=938033878257425291&uid=70163936362230&url=https://vnexpress.net/
Requested by: Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=70163936362230&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Protocol: HTTP/1.1
Server: 125.212.217.26 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.20.1 / PHP/5.6.40
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://optimize.urekamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
Server: nginx/1.20.1
X-Powered-By: PHP/5.6.40
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: private
Connection: close
alt-svc: clear
Content-Length: 95

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:05 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8d4bbb67-0565-4f73-afcf-3344162f2c1d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://optimize.urekamedia.com/data-apnx?user_id=938033878257425291&uid=70163936362230&url=https://vnexpress.net/
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg Show response
secure.adnxs.com/ Frame EE42 0
1006 B 24ms
23ms Script
application/javascript 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=&t=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://optimize.urekamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:05 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6375832d-1b46-4d2a-ae07-5f4dde7c3a3b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4010 0
54 B 263ms
107ms Ping
image/gif 2607:f8b0:400c:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kx42rvy1&c=3354042720433&slotId=1677021360216.5&qqid=CLWw77Ph3_QCFdsD4Aod-qsJ0Q&gqid=KLS2YYnqD9jagQfT7p-gCA&fb=ima_html5-lima&sdkv=h.3.491.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44725355%2C44726393%2C44750824&vmfc=19&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4010 42 B
64 B 39ms
24ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4010 42 B
64 B 36ms
23ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 4010 0
0 44ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CJLqTKLS2YbX8EduHgAf616aIDY38rMxi4bXE4M8Np-uivcABEAEgsK_iH2CV0oiCmAfIAQWpArkqj33C_LI-qAMBmAQAqgTkAU_QNXvy_hPyRpBUuMfXtA3WVAU8sBOj9wxHXOcleuas9UDblIRxn2pCPdjKhxJOlGIR2CXeebcqVsjOwnaPdA3TmIU6SaqSOI6TibIrU0u6PaE1RN88Byva8tG6G356OO_x8OcfLii6H8bCHA4yPxKeXTe8YgCgjwhzC6X6VBdPJ4K8-4TR6o2iZj_x8WKhHxXAIweAQsX4ceKKpnYq5IZrDn0wkOMgt8xvqe5ZKGudpnETrBhqb2G5M8CeNC4wRfhPb2DAFNV-fe-KClwZje8ruP7Z4nuM0Q8GHy72QGQ5hbcOfMAEpqHiprwD4AQDiAWOqPGmL5IFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHgsmCtgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHCxCq9JsCGJzhhZoB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03NjkyMzM3NzY1OTI3ODk4gAoDyAsBsBPG5ZkNyBOptakJ0BMA2BMDiBQD2BQB0BUBgBcBshceChwIABIUcHViLTU3MTcwOTI1MzM5MTM1MTUY0IoR&sigh=DjS8jeFx9iI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSPACNIrLMYyXC46pJsSL-3ByhCP7c7WxVN9Jg4nDfTAdbQJLcoqxKnLUUYTY8LkilOZtZtLM9oOazyKYppg&vt=10&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNAkQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0BzCl8IARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAtwFSHiUAAJhBKAE6CzE2MTEyODI2Ny0xQgRHRENNUABgARgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 38C7 52 KB
18 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e147d896ebd3583cddf601abd3e48546c343a06cffb3c3eaff9de4ee57db63d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18588
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 17:49:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Mon, 13 Dec 2021 02:57:15 GMT

GET
H2 200 vpaid.2021.12.06-18.16-53fa379.js Show response
static.adsafeprotected.com/ias/v1/ Frame 34C0 176 KB
42 KB 72ms
14ms Script
application/javascript 2600:9000:2190:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e312fe44084e2176996cce5ed30521f8406a8fd92f513aae8e519088f07f1e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 19:23:47 GMT
content-encoding: gzip
age: 372199
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Dec 2021 16:04:48 GMT
server: AmazonS3
etag: W/"a646de29f94b35023f777c84e6559a47"
vary: Accept-Encoding
x-amz-version-id: hyJglT2AMtiKneQgCKziicxwLGehBl.d
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: 9rCn5PazgyQkWOlSgMVEKgiNBDOrWEFaPPEFYJfctUDVS_kBPVC5TA==

POST
H/1.1 200
OK get-data Show response
optimize.urekamedia.com/ Frame EE42 11 B
325 B 587ms
233ms XHR
text/html 125.212.217.26
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://optimize.urekamedia.com/get-data
Requested by: Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=70163936362230&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.26 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.20.1 / PHP/5.6.40
Resource Hash: d754119bbec82eb1b4a74b38d4e73071fdbaddbaa887121839b92f7d3d636b2f

Request headers

Referer: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=70163936362230&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBsURr2oWoVTq8HH8

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: close

GET
H2 200 vpaid.2021.12.06-18.16-53fa379.js Show response
static.adsafeprotected.com/ias/v1/ Frame 38C7 176 KB
42 KB 52ms
21ms Script
application/javascript 2600:9000:2190:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e312fe44084e2176996cce5ed30521f8406a8fd92f513aae8e519088f07f1e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 19:23:47 GMT
content-encoding: gzip
age: 372199
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Dec 2021 16:04:48 GMT
server: AmazonS3
etag: W/"a646de29f94b35023f777c84e6559a47"
vary: Accept-Encoding
x-amz-version-id: hyJglT2AMtiKneQgCKziicxwLGehBl.d
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: KLFlevHmx7sKz0x9idn0z5toxhX1G2CQZBr0BYts-6vqk6ZCIlbwYQ==

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 40F3 0
732 B 19ms
19ms Script
text/html 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 02:47:05 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5913c90f-6a8d-432a-8bdc-82730f15ebf5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/674773/53504714/ 229 KB
70 KB 118ms
33ms Script
application/javascript 34.240.93.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/674773/53504714/skeleton.js?videoId=f197c3edd1374dcb3730b154882db538&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a&adsafe_par=&logTestResults=false
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.93.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-93-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b834a65f594b203142edfbf3528c4f910d77d870f100d09437534dcbd6a2cf44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET file.mp4
gcdn.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4... 0
0

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/674773/53504714/ 229 KB
76 KB 116ms
59ms Script
application/javascript 34.240.93.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/674773/53504714/skeleton.js?videoId=92c88f83ba635122d98f266797e29d5c&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af&adsafe_par=&logTestResults=false
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.93.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-93-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6f741451f5fea978cd0bfd74da71a35b4fc07656ef865f2ba7528c401fc1c4a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame EE42 95 B
496 B 38ms
15ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=3099&ta_partner_did=70163936362230&ta_format=png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://optimize.urekamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:05 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,i...

1 MB
1 MB

53ms
8ms

Media
video/mp4

2a00:1450:4001:5d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3051E4C1E259557667B802211E3CD909F3179633.1AB41E9F7B1C70A697B51D7015BACBDB8D6AA286/key/cms1/cms_redirect/yes/mh/UG/mip/2a01:4f8:a1:1a1:8a::1/mm/42/mn/sn-4g5ednld/ms/onc/mt/1639363232/mv/m/mvi/3/pl/42/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:5d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cf24c9c6a6c6047b30f25465fce39a284911ad73329b8dee04d158835492287e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Nov 2021 17:04:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1211969/1211970
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1211970
Expires: Mon, 13 Dec 2021 02:47:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3051E4C1E259557667B802211E3CD909F3179633.1AB41E9F7B1C70A697B51D7015BACBDB8D6AA286/key/cms1/cms_redirect/yes/mh/UG/mip/2a01:4f8:a1:1a1:8a::1/mm/42/mn/sn-4g5ednld/ms/onc/mt/1639363232/mv/m/mvi/3/pl/42/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 11FB 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 10 Dec 2022 15:45:55 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11FB 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTOYzKLS2Yc_nILGrrATm-4DAD438rMxi4bXE4M8Np-uivcABEAEg7YPjTWCV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgT3AU_QognJordff1VUAIced0py0MEccfMfkeOKCJsbj0A-RUfk53w2aGyZ1qAgeZBTxUnPrkz78EEQ2S3qQGCYA06hzbsuI7KSKyjxLwVEWA-plkJ87b4e5JHiyLBwRr57048y_Dhqcd1Ze-mkeGkCxN8QB7OSiygcaIbk38kDQb4vvBtWxvOxR9Az5ahXLiFoz5R2e1XODAPzttve5_dXxrA-trcx0DbgR8hrPuceAnVUq8g9qMm7oRvZUaGUv4t3HQoWEJuRSb1atViPfm-rrZ6jQawM0BgDJUvhhQhHLdy4_rYpH-hKMcOorFxL6CkvQ3sKBe1IUNTABKah4qa8A-AEA5AGAaAGToAHgsmCtgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc4ODE2NjQwNTkwNjEwMDSACgOYCwHICwGADAGwE8blmQ3QEwDYEwOIFAPYFAHQFQGAFwE&sigh=2crskPWe-2U&label=vast_creativeview&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D794%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1783%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1639363625145&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNA0wEKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0AyCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAuQFSIxAEJQAAmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01I7AFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,i...

1 MB
1 MB

22ms
8ms

Media
video/mp4

2a00:1450:4001:5d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81F9AD76AAF41860608250919B6437660CCABE4C.4A1F409CDADAB8291E56E1BE054D6B2CC3446BFA/key/cms1/cms_redirect/yes/mh/UG/mip/2a01:4f8:a1:1a1:8a::1/mm/42/mn/sn-4g5ednld/ms/onc/mt/1639363232/mv/m/mvi/3/pl/42/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:5d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cf24c9c6a6c6047b30f25465fce39a284911ad73329b8dee04d158835492287e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Nov 2021 17:04:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1211969/1211970
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1211970
Expires: Mon, 13 Dec 2021 02:47:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednld.c.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81F9AD76AAF41860608250919B6437660CCABE4C.4A1F409CDADAB8291E56E1BE054D6B2CC3446BFA/key/cms1/cms_redirect/yes/mh/UG/mip/2a01:4f8:a1:1a1:8a::1/mm/42/mn/sn-4g5ednld/ms/onc/mt/1639363232/mv/m/mvi/3/pl/42/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4010 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 10 Dec 2022 15:45:55 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4010 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjyZfKLS2YbX8EduHgAf616aIDY38rMxi4bXE4M8Np-uivcABEAEgsK_iH2CV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgTnAU_QNXvy_hPyRpBUuMfXtA3WVAU8sBOj9wxHXOcleuas9UDblIRxn2pCPdjKhxJOlGIR2CXeebcqVsjOwnaPdA3TmIU6SaqSOI6TibIrU0u6PaE1RN88Byva8tG6G356OO_x8OcfLii6H8bCHA4yPxKeXTe8YgCgjwhzC6X6VBdPJ4K8-4TR6o2iZj_x8WKhHxXAIweAQsX4ceKKpnYq5IZrDn0wkOMgt8w3qFRNIEkDlOPZK4QIzv3I1QfR3ekVyBxO5KzTCt_dd8aSu8jljGTtCOr3-qB7DkDv-rrkbHzxNzNs3TjSN8AEpqHiprwD4AQDkAYBoAZOgAeCyYK2AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATxuWZDdATANgTA4gUA9gUAdAVAYAXAQ&sigh=2VzYCsDode4&label=vast_creativeview&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D1149%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2001%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1639363625205&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNAkQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0BzCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAtwFSIxAEJQAAmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01IxwFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame D72D 23 KB
9 KB 10ms
10ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 09 Dec 2021 04:59:25 GMT
expires: Fri, 09 Dec 2022 04:59:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 337660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C6C 23 KB
9 KB 10ms
9ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 09 Dec 2021 04:59:25 GMT
expires: Fri, 09 Dec 2022 04:59:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 337660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 85E2 80 KB
21 KB 12ms
12ms Script
application/javascript 2600:9000:2190:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 6287915
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: t6-M6YumgS729aof4AL2cw2nlVm3T3uLGaXUg9O-3m208Oz6vP4tMA==

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 7A79 80 KB
21 KB 12ms
12ms Script
application/javascript 2600:9000:2190:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 6287915
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: netQu_7dd4swv6rkYvbe-3YZnumB0DA5NCGXssfABwb-dxJLZajfuA==

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 556ms
167ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=de932e4b-f6b6-7b26-3f9f-bfec690668ff&tv=%7Bc:wDNVbD,pingTime:-2,time:116,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6141,beZ:6142,mfA:6143,cmA:6144,inA:6144,inZ:6148,prA:6148,prZ:6155,si:6159,poA:6159,poZ:6184,cmZ:6184,mfZ:6184,loA:6205,loZ:6205,ltA:6256,ltZ:6256%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:18%7D%5D,ve:%7BvEventCount:4,vEvents:%5B%7Bt:-183,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-165,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-137,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-3,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:116,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:env,slid:%5BAVplayer0,videoslot,slot,av-inner,av-container,aniplayer_selectJS5d81ed7928a06164620898f0gui,aniplayer_selectJS5d81ed7928a06164620898f0,aniBox_Slider_1639363622412,sis_richmedia,rich-media-banner-ads%5D,sinceFw:96,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame D72D 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 23:33:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 534ms
179ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=ae4912f2-4970-94e4-3c1a-3f7cdfe93497&tv=%7Bc:wDNVca,pingTime:-2,time:78,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6212,beZ:6213,mfA:6214,cmA:6215,inA:6215,inZ:6220,prA:6220,prZ:6226,si:6231,poA:6231,poZ:6248,cmZ:6248,mfZ:6248,loA:6272,loZ:6273,ltA:6289,ltZ:6289%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:19%7D%5D,ve:%7BvEventCount:5,vEvents:%5B%7Bt:-283,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-239,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-187,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-5,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:38,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110%7C111,idMap:1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:env,slid:%5BAVplayer0,videoslot,slot,av-inner,av-container,aniplayer_urekaJS5ea26963e792ea55c7264da7gui,aniplayer_urekaJS5ea26963e792ea55c7264da7,aniBox,sis_richmedia,rich-media-banner-ads%5D,sinceFw:57,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C6C 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 23:33:12 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 34C0 35 B
174 B 32ms
31ms Image
image/gif 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdm5leHByZXNzLm5ldC8ifX0sImNiIjoxNjM5MzYzNjI1ODg3LCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjc0NzczIiwiY3VzdG9tOCI6IjUzNTA0NzE0IiwiY3VzdG9tMTEiOiIyMDIxLjEyLjA2LTE4LjE2LTUzZmEzNzkiLCJ4c2lkIjoiY2I1MDhiMDItMzFkOC00MWIzLWI2MTktZGI4NjFmMjdmZjVhIn19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.js
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/674773/53504714/skeleton.js?videoId=f197c3edd1374dcb3730b154882db538&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=cb508b02-31d8-41b3-b619-db861...
https://static.adsafeprotected.com/skeleton.js?videoId=f197c3edd1374dcb3730b154882db538&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a

17 B
17 B

12ms
11ms

Image
application/javascript

2600:9000:2190:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.js?videoId=f197c3edd1374dcb3730b154882db538&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a
Protocol: H2
Server: 2600:9000:2190:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
age: 13716669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: kf6TX0kX-koek5Yxzlh_y51m3DeHoPTnJn79PrwAhVphSo-ztDPyxg==

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?videoId=f197c3edd1374dcb3730b154882db538&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a
cache-control: no-cache
content-length: 0
server: nginx

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 38C7 35 B
174 B 31ms
30ms Image
image/gif 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdm5leHByZXNzLm5ldC8ifX0sImNiIjoxNjM5MzYzNjI1OTE3LCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjc0NzczIiwiY3VzdG9tOCI6IjUzNTA0NzE0IiwiY3VzdG9tMTEiOiIyMDIxLjEyLjA2LTE4LjE2LTUzZmEzNzkiLCJ4c2lkIjoiZTY2NjE0MjgtYTZlMi00MjdkLTk2ZjktY2Y3MGE0ZjI1MmFmIn19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.js
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/674773/53504714/skeleton.js?videoId=92c88f83ba635122d98f266797e29d5c&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=e6661428-a6e2-427d-96f9-cf70a...
https://static.adsafeprotected.com/skeleton.js?videoId=92c88f83ba635122d98f266797e29d5c&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af

17 B
17 B

12ms
11ms

Image
application/javascript

2600:9000:2190:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.js?videoId=92c88f83ba635122d98f266797e29d5c&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af
Protocol: H2
Server: 2600:9000:2190:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
age: 13716669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Aim3pyFU5o4EoMZQRA2rKge6NFrBVcahLXSr6qQyjiEM6pMC7D9dcw==

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-server-name: app26.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?videoId=92c88f83ba635122d98f266797e29d5c&apiframeworks=2,8&bundleId=[BUNDLEID]&xmapp=0&xmtp=v&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 11FB 42 B
107 B 89ms
43ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D19008%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2334%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639363625145;dc_rfl=1,https%253A%252F%252Fvnexpress.net%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11FB 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTOYzKLS2Yc_nILGrrATm-4DAD438rMxi4bXE4M8Np-uivcABEAEg7YPjTWCV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgT3AU_QognJordff1VUAIced0py0MEccfMfkeOKCJsbj0A-RUfk53w2aGyZ1qAgeZBTxUnPrkz78EEQ2S3qQGCYA06hzbsuI7KSKyjxLwVEWA-plkJ87b4e5JHiyLBwRr57048y_Dhqcd1Ze-mkeGkCxN8QB7OSiygcaIbk38kDQb4vvBtWxvOxR9Az5ahXLiFoz5R2e1XODAPzttve5_dXxrA-trcx0DbgR8hrPuceAnVUq8g9qMm7oRvZUaGUv4t3HQoWEJuRSb1atViPfm-rrZ6jQawM0BgDJUvhhQhHLdy4_rYpH-hKMcOorFxL6CkvQ3sKBe1IUNTABKah4qa8A-AEA5AGAaAGToAHgsmCtgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc4ODE2NjQwNTkwNjEwMDSACgOYCwHICwGADAGwE8blmQ3QEwDYEwOIFAPYFAHQFQGAFwE&sigh=2crskPWe-2U&label=part2viewed&ad_mt=240&acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D19008%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2334%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639363625145&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNA0wEKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0AyCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAuQFSIxAEJWIQmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01I7AFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11FB 0
27 B 42ms
41ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 11FB 0
61 B 93ms
50ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuE5iX4thpZp1ueOoeQq0s01vwUE6uBXIqCa451sCLClxpv3r5G2biw_KJDY0qoD50ZBzjLN7axz5MRmJQo5YRTTLgqbx14twG2KsmDzaHDYYsQwwz7z1ZcAWxeeb6nVRghu0MDbmQZsugzdowj23qQwI6610EZVL7JraULj1UEhgFgoja7HPSSjobQZIqOYila60OZP14PIhkAXFwYMDH5G9PaQZha4zu1cC-k3O-zQPfFJgIxnIH1oEcsoBMRqkmiV629NhT2WWMfeTcPGKn8pFjVTfYzNzgzmlOcQZdxS0A1NYkRG6JWMszakUVAKO9h4Stc2d93E5Lz92pndEEPpBPh2LmtasOYdGTNy_kxJtdZDDwpGFFvjU5gXy50_4sLenG_It0POH4J_J2JzxkzHVEed3fdVamUYG9ly6o8_sJT9LJdSe5YaTJ7P8A0RFAH6u1h4QgryKuDR_MJcKxDysFUWvaWxf8QAIKp-tB-78cJhSM9tFORzOm_M55j7T0Fhbu0oFqELkFjO0BWNyaRlyrN4jyxyAiHIATN90V4cJ50TAdkdJAozg3htKmVvh1PpngOusX8fwykTGGR3L7BMMcwXQ6srNfxE6wrnmDIqcPFRMi-Xw-QEIuUxmCWNsnLu2aGu_8Quygnwuh6LlBemeMIvRNQxG75hudAINWGefMho4wRUmpOTn7sZo188B3bxsTPRTnz1Vue11dqTNjiRE8mJJxv97CPaXVa3QJwcXQh1VWPv2LZeipQW0MnABg4LlPDRZOZtScARpYxeKdOfTeJXKXG4ukIxs_YdZGZgJlNeQk9yzLI6CaufYiRQfwxUIgwPSPYiYOlSsDZeG-Qychar2oN3EPXG2LWwPB2LYyRlCiCmuSQdX5pBa-xrEEXLeSYaC4-UzHvfp7s_l1enNgUXVJj4QVhr5eT7E99lS3hfltXmxUwuK7OnIksOWsfdTLEKh_QI2ot61VDbRXKOQfwAFZcVNND9A7kwN_8cT3L5j8I04WrAsDvcfMlNU57ab6cjgAMC9os2zfJ77sPT3-qtww95cTgiXskupNAe4vQgN5522pnoaa8vNmO9i5-3iQbHMGcNFUdcJl8qDYHXUVtiI-dnupXWLp-JYyWlc9B3CkZ5CMuHto1YoH-QGYJmW2Jvhnu_KjwX7VYLi9Mn6d4vGvbBGAipyzkd4jkUoORtB7ZDt8&sai=AMfl-YQuaV7QLuoW6Wsm3oVNjGcODtFG5gvCsQMV_-Cys_UVwGNmPSQzBFCerfjzEenuc2EEsRFPDsJxHO_9e9ZMBQoSEH9pIh1vdc88iABdCbsdrhz68I8w7sb7lj83oB4mQSSfoN1JpamicuTUcNQD2gg12pnqdg&sig=Cg0ArKJSzIPxZJKWE2yYEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.491.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 13 Dec 2021 02:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 11FB 0
0 18ms
17ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvqywIQv_rOAhic4YWaASABMAE&v=APEucNX7_O9To7tMQilPm8P8B4FTYVnR0ppR2QkSl45Xr6rQxmCHi2JhDq5fImziDsILqwtaCHFbM33M_SlvtHp2Pfb3qKiqGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 11FB 43 B
66 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 13:17:08 GMT
x-content-type-options: nosniff
age: 48597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 13:17:08 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 11FB 35 B
174 B 33ms
32ms Image
image/gif 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiNC4wIiwiY3VzdG9tMyI6IjQuMCIsImN1c3RvbTciOiI2NzQ3NzMiLCJjdXN0b204IjoiNTM1MDQ3MTQiLCJ4c2lkIjoiY2I1MDhiMDItMzFkOC00MWIzLWI2MTktZGI4NjFmMjdmZjVhIn0sImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiItMSIsImhlYWRlcjQiOiIyLDgiLCJoZWFkZXI1IjoiW0JVTkRMRUlEXSIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2MzkzNjM2MjQ5NzAwNzIzNzMiLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZQQUlEX19XRUJfUFhMIn0=&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 11FB
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/674773/53504714/skeleton.gif?xmtp=v&xmapp=0&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a

43 B
482 B

12ms
12ms

Image
image/gif

2600:9000:2190:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a
Protocol: H2
Server: 2600:9000:2190:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
age: 11097152
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: yKt_pmJfjmIGuHnr7Th8kwydO5YzO3_1UK5XREhqs5-QJzpiWM8T_g==

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-server-name: app23.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=cb508b02-31d8-41b3-b619-db861f27ff5a
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 11FB 42 B
494 B 84ms
43ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D19008%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2332%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639363625145;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 11FB 42 B
71 B 45ms
44ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoxAcNWH6bHdpsqfb9iZvUriatrRtN9VjqzRFp8RfuQDzxfIEJLw0kC3YYcXzzdjfWEtva9vaB5zuKagMQl0w-Dt9TTS1kQtZ0l88-&sai=AMfl-YTjFYxvS4zAHIp0mvs4mnYyMV73Gvxt3UUhzEzoATDU5Ot8f1pJqhl_ceomQye5FDQ1H6s1pyGuUiOqPc9QFBmH9EgDCZBIj848Y8HWTuwSobXvoC10vqUohpFf&sig=Cg0ArKJSzMikZR3Uii3VEAE&cid=CAASEuRojpzyxazchhKZ98WJtWogBQ&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D19008%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2332%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639363625145&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init-1118laf8ur58pv1xytjm.js Show response
api.fouanalytics.com/api/ 471 B
977 B 201ms
173ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1118laf8ur58pv1xytjm.js?di=vnexpress.net&ui=1639363622392-936944863393-007097-008-008467&md=2&ap=&sr=aniview.com&pp=5e4d2a2d2a62e7166c1db7a5&ti=a18143d299197d55ece54d4124a7c504_1723150228_2968543&de=2&si=5e4d2a2d2a62e7166c1db7a5&dm=400x225&pi=60938ff57621683c2c6776a3&bt=programmatic&gt=DE&ac=5ea84900c94b8975a9508d38&pc=&cr=&c1=59c9148628a0612da3689288&c2=5ea84900c94b8975a9508d38&c3=5e4d2a2d2a62e7166c1db7a5&c4=5ea84ae409a41a723a209314&c5=5e97fece3706f1266619c969&c6=5e63d10e28a0614d2b01395e&c7=5ea26963e792ea55c7264da7&c8=609387fc30e4144ceb33dcb8&c9=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e0ddff0a3d725c4477735ebba178a84488ef215497fd97e71db72666d32a1a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hg6wofxiB1mIQKkdwjQnaoaRHwhVj7PfJ%2BfpESTrIqvw3j7ch0kRZdYbYddBUUaHPT7ZmVuH3hIGZrXjytxcbHoBlD2BDciLfBDkhWtf3EpqHKIo7SYGPTdNxq%2F9k2qtyziZLGBGGR1RdDjY977y1ksJfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6bcbdda679726963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: 0

GET
H3 200 ureka_logo_white_89x65.png
bd.urekamedia.com/static/logo/ 2 KB
2 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:ad49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bd.urekamedia.com/static/logo/ureka_logo_white_89x65.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d569b3809a5bb3ea042e90e5e15403ee2208fcf17063f83009610ede46f6396e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293599
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1744
last-modified: Fri, 26 Nov 2021 08:07:42 GMT
server: cloudflare
etag: "61a095ce-6d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTdfWPcWokxzuazR%2BDTQC2zv7RoS7Y39FGKlYzm8H%2BB37MRcqabA0mJMwFRz79eXVjKlosSf%2BXgneKAvbjCYJsgcC0z75JsJjNPmMmnBo4zE%2FJPkE6PJHmTRbGjIJLG2PZCMAwvGeFScCETu6TP%2FXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6bcbdda64ad94e31-FRA
expires: Sat, 08 Jan 2022 17:13:46 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=5ea2693a68117d1c3c154dc6%7C5ea84ae409a41a723a209314%7C60938ff57621683c2c6776a3&pid=5e63d10e28a0614d2b01395e%7C5e4d2a2d2a62e7166c1db7a5%7C59c9148628a0612da3689288&cid=5ea26963e792ea55c7264da7%7C5e97fece3706f1266619c969%7C5ea84900c94b8975a9508d38&h=a8c7df678624ab28dfb5fe7d240e966ef3d997cc&d9=1000&ad=19.008&vi=100&ofpr=3.92074&imid=a18143d299197d55ece54d4124a7c504_1723150228_5981670&e=impression&cb=1639363622538&ad=19.008&vi=100&d4=1&d5=3&d1=vpaid&fv=3&stk=1&cb=1639363622545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 112ms
111ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=5ea2693a68117d1c3c154dc6%7C5ea84ae409a41a723a209314%7C60938ff57621683c2c6776a3&pid=5e63d10e28a0614d2b01395e%7C5e4d2a2d2a62e7166c1db7a5%7C59c9148628a0612da3689288&cid=5ea26963e792ea55c7264da7%7C5e97fece3706f1266619c969%7C5ea84900c94b8975a9508d38&h=a8c7df678624ab28dfb5fe7d240e966ef3d997cc&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=3.92074&imid=a18143d299197d55ece54d4124a7c504_1723150228_5981670&e=start&d1=vpaid&fv=3&cb=1639363622545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 4010 42 B
107 B 54ms
44ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D19008%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2566%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639363625205;dc_rfl=1,https%253A%252F%252Fvnexpress.net%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4010 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjyZfKLS2YbX8EduHgAf616aIDY38rMxi4bXE4M8Np-uivcABEAEgsK_iH2CV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgTnAU_QNXvy_hPyRpBUuMfXtA3WVAU8sBOj9wxHXOcleuas9UDblIRxn2pCPdjKhxJOlGIR2CXeebcqVsjOwnaPdA3TmIU6SaqSOI6TibIrU0u6PaE1RN88Byva8tG6G356OO_x8OcfLii6H8bCHA4yPxKeXTe8YgCgjwhzC6X6VBdPJ4K8-4TR6o2iZj_x8WKhHxXAIweAQsX4ceKKpnYq5IZrDn0wkOMgt8w3qFRNIEkDlOPZK4QIzv3I1QfR3ekVyBxO5KzTCt_dd8aSu8jljGTtCOr3-qB7DkDv-rrkbHzxNzNs3TjSN8AEpqHiprwD4AQDkAYBoAZOgAeCyYK2AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATxuWZDdATANgTA4gUA9gUAdAVAYAXAQ&sigh=2VzYCsDode4&label=part2viewed&ad_mt=264&acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D19008%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2566%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639363625205&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNAkQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0BzCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAtwFSIxAEJWIQmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01IxwFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4010 0
27 B 42ms
41ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 4010 43 B
66 B 10ms
7ms Image
image/gif 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 13:17:08 GMT
x-content-type-options: nosniff
age: 48597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 13:17:08 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4010 0
331 B 56ms
50ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7EcTR52EYn0J_8CqcZsnXlNr5-ggNUzbYo1XmNOivTqoG091PVyOOZfSHlINESIMRWRwAaEHxB9yGl270c-_VvxPePVcceGYaVLMyMnE_AVIW2hSElTqd37UFRjriq6b0tOGjxp2N_UxWMdFvP2Xpg6s_jsHjjzUR7dUL16_WYUSgXQi8sntPjSx6tQw9A7u8fnKZH2Pq0EIPxBqup8kPubNVescs1GaW3VbOjOOscN4PaDIUxHb4C7VURi9gSQPvnA6714u6yWnZiU1cfHyymckXkQC70KLxRGgzIUZJYEDlPn5dhRz43XA4ZEBniBduYlI-hq_64sAG-5XF5vG--cxWlPhobk95PFBmAbZ4WNgEBLB7MSdrA8deV9Su4egLpxAtRG9YEcnwjxptnasSxBiXw19FzBtgikZMMUu5vedl5JJw7uFvIKMsLeUX1frKEu0MpFgWVt2aU1895Sdvf-yWdHezfSm0WatbLqtnauGcYvnUZ2qr--5akxJQpYge5D4uosD83FHK7pA8tPw41t1dpr0w-cpcmkQCeUoQhro4y4Ltt8lvPkPAmNYTPf-MwqNI1E4m_awi_eOHQVd2-RLm-d60KVm2aSex8weRFtV8pjobzhfGwDmZPxAIBvhAx0gxVP6nKcN3q0LVm0cI8aamyoenBTnyiHxBOVZaIssdZLqtsBAHixtrkydbQ91IweKg08tVLgdrGQ6NgUS0VKVfkN89NP2dCUxv-62XS8jCn8Wsyp0PNsPE9B-xv9poGweKk0SRZ5kmI2_POB6g7akLPZmk-jNN4sLhJfyv3oB0Lfnt3VD2olPs8zn0K2r7S6VQA-kGwTOWlsoICFVaw_Ir2kSBMpamLgEMtxjWXTibvx4sII4rKXYzbA11OhK82e0DIU86KeQ3vkXFcNYU62Kd9RcBsI80H2zbnDnQcalKZsgDASpksJpomUAYRdu-wGoJhqRup_1SmUD-RPgm1dByM_GI6bhwEYs2k7F_JkEW0u89hVm6nq-TJiacogo8ek2-UqN11UHftX0GgqbL1XvzfgvZlFfY_hXqyW8kVItkDmEslo00T_VfQRj7skFfQW3HXIIP_l_7G2NlhDVtrAWJmGBmHCVtc8fLugd17FSSp0SyfErpaCEXxaEWzL2ji4v9_ZegY3JpOeFkpaCqaQ&sai=AMfl-YS-R0b_cnkFLNeyijw2Y9oZ3iWZ04mzbdgEAUQKUMGVCCDdN913ojXmnzjou31Mgms7K7ccZeQ12T-7ntHY36QdQxRcfKSNTdy2I_xqGJ-Y7Ke6pfdScVU0hlRcW5m9fc9PppjkcBeSdbH3968jbAsXsnIXmA&sig=Cg0ArKJSzPLMaTGnYqWaEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.491.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 13 Dec 2021 02:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 4010 0
0 23ms
18ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvqywIQv_rOAhic4YWaASABMAE&v=APEucNVB_NKpsJ_7_SNDMvrJ6nrgtQxTXxKoyvfMsFJmAIWdLzdvzqmI9_ev0jUepErZMi7cPrSJPF8S_x6P9kD2qzncQr1MSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 4010 35 B
174 B 36ms
32ms Image
image/gif 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiNC4wIiwiY3VzdG9tMyI6IjQuMCIsImN1c3RvbTciOiI2NzQ3NzMiLCJjdXN0b204IjoiNTM1MDQ3MTQiLCJ4c2lkIjoiZTY2NjE0MjgtYTZlMi00MjdkLTk2ZjktY2Y3MGE0ZjI1MmFmIn0sImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiItMSIsImhlYWRlcjQiOiIyLDgiLCJoZWFkZXI1IjoiW0JVTkRMRUlEXSIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2MzkzNjM2MjQ5Njg1MDU1MTQiLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZQQUlEX19XRUJfUFhMIn0=&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:05 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 4010
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/674773/53504714/skeleton.gif?xmtp=v&xmapp=0&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af

43 B
482 B

13ms
12ms

Image
image/gif

2600:9000:2190:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af
Protocol: H2
Server: 2600:9000:2190:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
age: 11097152
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: OW-hwz-OanvYtuUN2_R27OnPDalbJT4c9GZDVSDqhhdcIglcL53GYw==

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=e6661428-a6e2-427d-96f9-cf70a4f252af
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 4010 42 B
107 B 49ms
45ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D19008%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2565%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639363625205;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4010 42 B
71 B 49ms
45ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAIsCxwJ8r5ejLvu8UxNEzT7ike28upjNwnar5A2M-rQnuxigIDZrGpMS96d_lIoCWOIdQmRGas6vhrkGgt8S7QJuVThzkxwfF5Lmb&sai=AMfl-YRttmYu-SRSnIe5h2l9EREflhn7S5-3PEj4ojIw8aY2osi6X1aGq0kL05XQ6CXxaRrWrOM9aL83rE2T6a0XHckihypJjPCe7ITW945xYod9J3MlWXXRLAMV5cje&sig=Cg0ArKJSzMX3C_9uEL8MEAE&cid=CAASEuRo-A11PAyavN_pZPf1MTtf3g&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D19008%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2565%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639363625205&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 199ms
179ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=de932e4b-f6b6-7b26-3f9f-bfec690668ff&tv=%7Bc:wDNVhx,pingTime:-10,time:482,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639363625995%7C%7C666f6cf94ad47600746f8af2501e95cb%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cb38e5b1813857c79a0fb38ba48420126%7C%7C37de17aaabf8258305aff2dfdb6140b8%7C%7Cf8f10bbe81a95a24e969b7f708660867%7C%7C5ed02e56e4692ea32ed1d8690fed0930%7C%7Cfeec605917a8133510f56cba297a258f%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C60cb5f4d3b6dc13cf26e7244&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=2e0d086937fd53f539f5b8b574fca6b5915a0666&d9=1000&ad=19.008&vi=100&ofpr=2&imid=f8b6e25c550f024a48314bd53c0d0518_1723161124_594294&e=impression&cb=1639363622661&ad=19.008&vi=100&d4=1&d5=3&d1=vpaid&fv=3&stk=1&cb=1639363622666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C60cb5f4d3b6dc13cf26e7244&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=2e0d086937fd53f539f5b8b574fca6b5915a0666&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=2&imid=f8b6e25c550f024a48314bd53c0d0518_1723161124_594294&e=start&d1=vpaid&fv=3&cb=1639363622666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C6C 0
27 B 43ms
43ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.491.0&bgai=BdPCwKLS2YZubLcKabc2ns-gFAAAAADgB4AQC&bg=!CwilCEzNAAZKWFskSlg7ACkAdvg8WpbtqOKZy61ZB_YmixXPICSxVST9nf2-57Euk1cm4QBHy9gkbgIAAADiUgAAADRoAQcKAJ0ihZ72NLLYTh1lzewnNnDl3dRvK4F-AFtAfbHSDMIPs0pZI-6jiLe_JhS5oqOoj6r1D-I1T8M86EoYZuPRHKmW70SJHsjQ7jenvdh1mpqNxYw1x1wxWf4tm-EXFx07VnH9CebTYugArNE5U_LMTcYUVHnaZA55P3sbT4utKltQ4nxBrOwsYKOvxzVIz4hwTH8njvXThlmcVBa9W1fhmQLbfCbeJI92cU2GxNxenxNwdq8z72veaE-CIUvBeAmC_qTBh0kj5_iWnMGcMM5Esi0y_4z4gFTjExdq2MJDNkGyx5HXpivXJJxVkRqBv8lQ0YWz3dmGRpQ6lVQyscZ88h8QJ-ettd5q8I-CdvhbeG3-iLARQ1Ll_yYSrbekvifocBuo7sDuONjF0qIUJsDt4Do8w86oUf4oSAOwbYcOEyRVStMIDCDL2Mzj5LbGR4xIrf7EwuaXZ-duoxKaHENNq-eouoUdkAfdL02yjs6_tehM0LMjI4F8c8oiEJ5NTy74H3am0o-0m99UyaccdLGIsIZ5-npFbD5oXgbBnHqHp1ipoLUfin_MP-DYvJOFz_uxToOvKd5irZ17SlO5gTcl-Tv7OCe2hX9GkePuTYxiTyAgwaqNVoTwJqFlOX_U2soIC5WkyFufgW7muNfQIs-Sf6uKf5RucQU_65vRhitHEj6ZO2jaWuWXeJfKjKPIFjD4g4yvkBNVxzjblNc4TmuKTw87DSbL7OmYfcu3xEN_QrWSlfIiL30X49lHqUX1Dc4VQvJigIiYyBc5NkQpod4i67sytnB2SdXCt_TWx8pou3m7WgYbFW9vhQld9KQy7Hbm7q9VnwuJhD1CQ4DqWe1_PcOF63x8wL4hBXBZr7eHY6tidB2d7A7KIDVXWH_XdzSAj-Iq7r4VzkHsT8j8cwuheTe6NBZGcdCwKd3HpgxGUiezSYds9gbCctDXWZA6erkgqhhBEASPrmMBWyXjjGHfukZU7yL_lo-xFgEuZMwvnP4xd1ELgyK_McqYl15-kKLHo1XZrQpXqlCAJ91zOv6jC5temHAiHCUTD5Ms8YSIPR6sgTWaeIdHuoITX6ryZngKCDQYOB-efmHz3vfrzlc7FT75XLfIbuASuFX1-4BMXoBCivJM4g6zznungGNwU8zCjF6hEdCustXqHlPtmmDSMPuSpNSBf-Zu8fNLk_g

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D72D 0
27 B 42ms
42ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.491.0&bgai=BC3HqKLS2YfXILY3Bb8iCi4ACAAAAADgB4AQC&bg=!SUqlSg7NAAZKWFskSlg7ACkAdvg8Wm51mNf_RGRSVRKe4du4_Eye2YajSxaanBQZPBgVXGc-4VAVlQIAAAELUgAAACxoAQeZAup8L355fTfvfWa8aEa3GfuP2LfoE-CBaqzcBuYxGWf5EN7xFyrSbw1eiSmw7riuc9kmhrc17Jo4gIHCgEDnU21R8OLA1xDL4AetCEdcqM27sacFj4jkQgRbrNa2MriQu3xs_436ysJj__v66HIMiwrW-kYLswAyfFB_X-3kgWhZt5YacHyDcnhM35jOY8xDOIdNpcPElHKT84cUt9vI-bvAQGLKAr64zLIhdIQS0W85Q6mYHKh1WfyvLctzF8rhhs2i2IP7LzRUzMHPGc3ERsLnTcHu7lSFXjNXTjHBgYjFK8cF7YkuidmoaSjsP1KoEwEwE95OaKN4QtUiCfE9pOzByElVQMuzGBaH3wxWoppNjOH_ozhtCqQZVryrA-LSgYdBC4iAlwrSgyer9WnAjPPnOfAXC7Q9VG6QGQgGf08sJ9_VC44XqesukmHPQsoXui79e6DWp1q1zD_kN0Vwot3ykYkE6-S-F6u1-k46AA2Qx5jHJyuRblGqFFmBfkGFPkyz4QU_afr4siIQY9tWgFyAISBAcK-0L7-Mnhksmn7iQOcX_KdiqKbXXrYtfGe_HD34gMZ1YMCbbgzIrtT6aKZNP3n4qfdyI615XR55PmEfu1t-c5HzfsRcyNV57jx-xQPxp81UzkNn_Of40MumEUA0FkgnYE734_CBl3tugImH5HYI0IgUOMqGprU7DVSqmtTTw9Nru2kJAUa3z8LV0PX2aVxggGpPc5YqhZFPy_Q_LkjdmJZsFgzv545vrj-4bTlf1SRx07jllq2QP9-3myKSmbvUWhLAinRyk9M1N4-RjV8eeHoAuG4El3SnfIpW33oO0quC0fjAOOOSTxESOFQXX9FiEZB_8LwOdxHDz2hufSvxRsEtHY-JtWvMAKR-uo27amVSQEzuoLdX_YOq5NcEVHDH-aj33vWhZvWZS6K6hfW1KEctyPwuRdVVMc63e6BtI6MW_L2X6HdvhifvFYv0zapMtImDV2UjOA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pp.js Show response
api-35-163-20-150.b2c.com/s/ 13 KB
5 KB 42ms
14ms Script
text/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-35-163-20-150.b2c.com/s/pp.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3862144b6d9d6ca9ec6abcbccaac4b8c2c42339edd91c1be60b4066a8858c280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 20:43:27 GMT
server: cloudflare
age: 5246
etag: W/"61a7de6f-32f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zq5ifH0SHvYVyO9DXKtRTgZvIIf2xZqfpatXWOH9Vx07BYe%2BLgO5dorxTMK8Yth%2Bzr%2BHwXsasTfedBkxiI9qvodtioAOd4GHYIUac1%2FYNxlcvYEAhMcOnXiClC6cyrGKU2bT6%2BjvEVCi%2FTqPvKPSg0r4ruUROO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bcbdda7fa4f7039-FRA

GET
H2 200 ad.gif
api-35-163-20-150.b2c.com/s/ 43 B
381 B 12ms
12ms Image
image/gif 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-35-163-20-150.b2c.com/s/ad.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:06 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 20:43:27 GMT
server: cloudflare
age: 5243
etag: "61a7de6f-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAhd21uDcZGPl42MSTjw4diO9zEx0tDJQUVl86zwFSN5QBZyBNI5Xjd7YEaw4p368YC1tAnQPUiYHpE%2B39C%2BWp5N8JzPIjgHDU7ECEtCbaZaKwc08%2BXOdXmhZiXvxzkvg%2B6PzD2TvnMzLfpcHfrS%2Bibdb15ftR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bcbdda89bb57039-FRA
content-length: 43

GET
H/1.1

200
OK

4 Show response
v4-api-35-163-20-150.b2c.com/api/
Redirect Chain

https://api-35-163-20-150.b2c.com/api/x?0g0DVeg7yzHdzmBg$dXJsJDAkaHR0cHM6Ly92bmV4cHJlc3MubmV0LyIsInJlZmVycmVyJDAkaHR0cHM6Ly92bmV4cHJlc3MubmV0LyIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAw...
https://v4-api-35-163-20-150.b2c.com:444/api/4?0g0DVeg7yzHdzmBg

0
141 B

527ms
173ms

XHR
text/plain

35.163.20.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-35-163-20-150.b2c.com:444/api/4?0g0DVeg7yzHdzmBg
Protocol: HTTP/1.1
Server: 35.163.20.150 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-20-150.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *

Redirect headers

date: Mon, 13 Dec 2021 02:47:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-35-163-20-150.b2c.com:444/api/4?0g0DVeg7yzHdzmBg
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRbVS349YG84V%2B36aCJ57YTAd5T6dieKWHO4iZf%2FeUrKGzWzXvkCBDlUgdOAjbxM43PqiOi0KaPF%2FTEoD0ZOXslv0MNVNBth10r2dwqAJPe4Ba1CY6VO%2FHF3fk6gTgw3SKK84%2BiBL16hXZ7dtOYn54xvuh1IIV8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6bcbddaa58e44e32-FRA

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 168ms
168ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=ae4912f2-4970-94e4-3c1a-3f7cdfe93497&tv=%7Bc:wDNVu6,pingTime:-10,time:1190,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639363625995%7C%7C666f6cf94ad47600746f8af2501e95cb%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cb38e5b1813857c79a0fb38ba48420126%7C%7C37de17aaabf8258305aff2dfdb6140b8%7C%7Cf8f10bbe81a95a24e969b7f708660867%7C%7C5ed02e56e4692ea32ed1d8690fed0930%7C%7Cfeec605917a8133510f56cba297a258f%7C%7C1629390669,sca:%7Bspg:de932e4b-f6b6-7b26-3f9f-bfec690668ff%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 168ms
167ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=de932e4b-f6b6-7b26-3f9f-bfec690668ff&tv=%7Bc:wDNVvd,pingTime:0,time:1330,type:pf,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:18%7D,%7Bpiv:100,vs:i,r:,t:1329%7D%5D,ve:%7BvEventCount:23,vEvents:%5B%7Bt:-183,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-165,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-137,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-3,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:137,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:161,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:255,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:404,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:404,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:404,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:454,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:521,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:527,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:537,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:545,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:647,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:713,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:829,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:833,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1045,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1296,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1324~0,1~100%5D,as:%5B1325~400.225%5D%7D%7D,%7Bsl:i,t:1329,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1324~0,1~100%5D,as:%5B1325~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:232,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 168ms
167ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=ae4912f2-4970-94e4-3c1a-3f7cdfe93497&tv=%7Bc:wDNVvH,pingTime:0,time:1289,type:pf,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:19%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,ve:%7BvEventCount:22,vEvents:%5B%7Bt:-283,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-239,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-187,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-5,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:38,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:99,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:287,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:304,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:303,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:304,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:447,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:456,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:485,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:592,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:692,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:760,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:944,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1192,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1283~0,0~100%5D,as:%5B1283~400.225%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1283~0,0~100%5D,as:%5B1283~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:566,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110%7C111,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:06 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 /
track.adform.net/serving/unload/ Frame B705 35 B
503 B 19ms
19ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@44725532,4780823100717848615,0|0|0|0|0|0|0|0|0||0|1|31|ae44b4ae27d93cb4af9117fb0dc11d74c87ce469_1|||1|0|0|-w1ZSV2e0p3i5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 111ms
110ms XHR
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 02:47:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame FE39 35 B
469 B 19ms
19ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2093463165018036868@@49556873,142536044486860950,100|4651|0|0|0|0|0|0|0||159|1|||||1|0|0|Z8-jqbOXeiFcPlakbYq96TyEi3zlnUED4FSD68j0ZGkUL6LXBGmQL4m3nyX34Xgm0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad23.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad23.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2031,0,0,0,0%26mtos%3D2031,203...
ade.googlesyndication.com/ddm/activity/ Frame 11FB 42 B
63 B 59ms
44ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2031,0,0,0,0%26mtos%3D2031,2031,2031,2031,2031%26amtos%3D0,0,0,0,0%26mcvt%3D2031%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2031%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1571%26pst%3D228%26vpaid%26dur%3D19008%26vmtime%3D1284%26dtos%3D2031%26dtoss%3D1%26dvs%3D2031%26dfvs%3D2031%26dvpt%3D2031%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D4361%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2031;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625145;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 11FB 42 B
71 B 44ms
44ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoxAcNWH6bHdpsqfb9iZvUriatrRtN9VjqzRFp8RfuQDzxfIEJLw0kC3YYcXzzdjfWEtva9vaB5zuKagMQl0w-Dt9TTS1kQtZ0l88-&sai=AMfl-YTjFYxvS4zAHIp0mvs4mnYyMV73Gvxt3UUhzEzoATDU5Ot8f1pJqhl_ceomQye5FDQ1H6s1pyGuUiOqPc9QFBmH9EgDCZBIj848Y8HWTuwSobXvoC10vqUohpFf&sig=Cg0ArKJSzMikZR3Uii3VEAE&cid=CAASEuRojpzyxazchhKZ98WJtWogBQ&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2031,0,0,0,0%26mtos%3D2031,2031,2031,2031,2031%26amtos%3D0,0,0,0,0%26mcvt%3D2031%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2031%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1571%26pst%3D228%26vpaid%26dur%3D19008%26vmtime%3D1284%26dtos%3D2031%26dtoss%3D1%26dvs%3D2031%26dfvs%3D2031%26dvpt%3D2031%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D4361%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2031&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625145

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=5ea2693a68117d1c3c154dc6%7C5ea84ae409a41a723a209314%7C60938ff57621683c2c6776a3&pid=5e63d10e28a0614d2b01395e%7C5e4d2a2d2a62e7166c1db7a5%7C59c9148628a0612da3689288&cid=5ea26963e792ea55c7264da7%7C5e97fece3706f1266619c969%7C5ea84900c94b8975a9508d38&h=a8c7df678624ab28dfb5fe7d240e966ef3d997cc&d9=1000&ad=19.008&vi=100&ofpr=3.92074&imid=a18143d299197d55ece54d4124a7c504_1723150228_5981670&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1639363622545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2198,0,0,0,0%26mtos%3D2198,219...
ade.googlesyndication.com/ddm/activity/ Frame 4010 42 B
63 B 45ms
44ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2198,0,0,0,0%26mtos%3D2198,2198,2198,2198,2198%26amtos%3D0,0,0,0,0%26mcvt%3D2198%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2198%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1538%26pst%3D227%26vpaid%26dur%3D19008%26vmtime%3D2527%26dtos%3D2198%26dtoss%3D1%26dvs%3D2198%26dfvs%3D2198%26dvpt%3D2198%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D4763%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2198;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625205;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4010 42 B
71 B 44ms
43ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAIsCxwJ8r5ejLvu8UxNEzT7ike28upjNwnar5A2M-rQnuxigIDZrGpMS96d_lIoCWOIdQmRGas6vhrkGgt8S7QJuVThzkxwfF5Lmb&sai=AMfl-YRttmYu-SRSnIe5h2l9EREflhn7S5-3PEj4ojIw8aY2osi6X1aGq0kL05XQ6CXxaRrWrOM9aL83rE2T6a0XHckihypJjPCe7ITW945xYod9J3MlWXXRLAMV5cje&sig=Cg0ArKJSzMX3C_9uEL8MEAE&cid=CAASEuRo-A11PAyavN_pZPf1MTtf3g&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2198,0,0,0,0%26mtos%3D2198,2198,2198,2198,2198%26amtos%3D0,0,0,0,0%26mcvt%3D2198%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2198%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1538%26pst%3D227%26vpaid%26dur%3D19008%26vmtime%3D2527%26dtos%3D2198%26dtoss%3D1%26dvs%3D2198%26dfvs%3D2198%26dvpt%3D2198%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D4763%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2198&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625205

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C60cb5f4d3b6dc13cf26e7244&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=2e0d086937fd53f539f5b8b574fca6b5915a0666&d9=1000&ad=19.008&vi=100&ofpr=2&imid=f8b6e25c550f024a48314bd53c0d0518_1723161124_594294&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1639363622666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 110ms
109ms XHR
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 02:47:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 178ms
178ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=de932e4b-f6b6-7b26-3f9f-bfec690668ff&tv=%7Bc:wDNW1w,pingTime:2,time:3333,type:p,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:18%7D,%7Bpiv:100,vs:i,r:,t:1329%7D%5D,ve:%7BvEventCount:33,vEvents:%5B%7Bt:-183,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-165,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-137,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-3,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:137,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:161,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:255,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:404,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:404,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:404,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:454,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:521,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:527,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:537,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:545,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:647,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:713,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:829,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:833,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1045,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1296,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1412,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1547,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1796,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2046,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2251,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2004,o:1329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1324~0,2~100%5D,as:%5B1326~400.225%5D%7D%7D,%7Bsl:i,t:1329,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2002~100%5D,as:%5B2002~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:200,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:08 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 174ms
174ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=ae4912f2-4970-94e4-3c1a-3f7cdfe93497&tv=%7Bc:wDNW23,pingTime:2,time:3295,type:p,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:19%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,ve:%7BvEventCount:32,vEvents:%5B%7Bt:-283,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-239,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-187,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-5,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:38,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:99,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:287,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:304,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:303,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:304,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:447,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:456,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:485,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:592,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:692,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:760,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:944,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1192,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1308,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1441,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1694,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1944,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2180,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2383,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2631,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2007,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1283~0,1~100%5D,as:%5B1284~400.225%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2005~100%5D,as:%5B2005~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:204,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110%7C111,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:08 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 track
track1.aniview.com/ 0
70 B 108ms
108ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=5ea2693a68117d1c3c154dc6%7C5ea84ae409a41a723a209314%7C60938ff57621683c2c6776a3&pid=5e63d10e28a0614d2b01395e%7C5e4d2a2d2a62e7166c1db7a5%7C59c9148628a0612da3689288&cid=5ea26963e792ea55c7264da7%7C5e97fece3706f1266619c969%7C5ea84900c94b8975a9508d38&h=a8c7df678624ab28dfb5fe7d240e966ef3d997cc&d9=1000&ad=19.008&vi=100&ofpr=3.92074&imid=a18143d299197d55ece54d4124a7c504_1723150228_5981670&e=sec3&vi=100&d1=vpaid&fv=3&cb=1639363622545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C60cb5f4d3b6dc13cf26e7244&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=2e0d086937fd53f539f5b8b574fca6b5915a0666&d9=1000&ad=19.008&vi=100&ofpr=2&imid=f8b6e25c550f024a48314bd53c0d0518_1723161124_594294&e=sec3&vi=100&d1=vpaid&fv=3&cb=1639363622666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 34C0 35 B
174 B 32ms
31ms Image
image/gif 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdm5leHByZXNzLm5ldC8ifX0sImNiIjoxNjM5MzYzNjMwMzcyLCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjc0NzczIiwiY3VzdG9tOCI6IjUzNTA0NzE0IiwiY3VzdG9tMTEiOiIyMDIxLjEyLjA2LTE4LjE2LTUzZmEzNzkiLCJ4c2lkIjoiY2I1MDhiMDItMzFkOC00MWIzLWI2MTktZGI4NjFmMjdmZjVhIn19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:10 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 173ms
173ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=ae4912f2-4970-94e4-3c1a-3f7cdfe93497&tv=%7Bc:wDNWq9,pingTime:-4,time:4789,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:19%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,ve:%7BvEventCount:41,vEvents:%5B%7Bt:-283,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-239,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-187,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-5,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:38,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:99,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:287,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:304,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:303,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:304,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:447,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:456,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:485,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:592,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:692,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:760,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:944,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1192,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1308,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1441,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1694,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1944,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2180,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2383,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2631,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:3630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4788,tp:adVideoFirstQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3501,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1283~0,1~100%5D,as:%5B1284~400.225%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3499~100%5D,as:%5B3499~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:177,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110%7C111,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:10 GMT
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4451,0,0,0,0%26mtos%3D4451,445...
ade.googlesyndication.com/ddm/activity/ Frame 11FB 42 B
63 B 45ms
44ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4451,0,0,0,0%26mtos%3D4451,4451,4451,4451,4451%26amtos%3D0,0,0,0,0%26mcvt%3D4451%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4451%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3387%26pst%3D228%26vpaid%26dur%3D19008%26vmtime%3D4514%26dtos%3D2420%26dtoss%3D2%26dvs%3D2420%26dfvs%3D2420%26dvpt%3D2420%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4451,4451,4451,4451,4451%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D6781%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4451;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625145;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11FB 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTOYzKLS2Yc_nILGrrATm-4DAD438rMxi4bXE4M8Np-uivcABEAEg7YPjTWCV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgT3AU_QognJordff1VUAIced0py0MEccfMfkeOKCJsbj0A-RUfk53w2aGyZ1qAgeZBTxUnPrkz78EEQ2S3qQGCYA06hzbsuI7KSKyjxLwVEWA-plkJ87b4e5JHiyLBwRr57048y_Dhqcd1Ze-mkeGkCxN8QB7OSiygcaIbk38kDQb4vvBtWxvOxR9Az5ahXLiFoz5R2e1XODAPzttve5_dXxrA-trcx0DbgR8hrPuceAnVUq8g9qMm7oRvZUaGUv4t3HQoWEJuRSb1atViPfm-rrZ6jQawM0BgDJUvhhQhHLdy4_rYpH-hKMcOorFxL6CkvQ3sKBe1IUNTABKah4qa8A-AEA5AGAaAGToAHgsmCtgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc4ODE2NjQwNTkwNjEwMDSACgOYCwHICwGADAGwE8blmQ3QEwDYEwOIFAPYFAHQFQGAFwE&sigh=2crskPWe-2U&label=videoplaytime25&ad_mt=4709&acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4451,0,0,0,0%26mtos%3D4451,4451,4451,4451,4451%26amtos%3D0,0,0,0,0%26mcvt%3D4451%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4451%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3387%26pst%3D228%26vpaid%26dur%3D19008%26vmtime%3D4514%26dtos%3D2420%26dtoss%3D2%26dvs%3D2420%26dfvs%3D2420%26dvpt%3D2420%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4451,4451,4451,4451,4451%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D6781%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4451&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625145&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNA0wEKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0AyCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAuQFSIxAEJWIQmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01I7AFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=5ea2693a68117d1c3c154dc6%7C5ea84ae409a41a723a209314%7C60938ff57621683c2c6776a3&pid=5e63d10e28a0614d2b01395e%7C5e4d2a2d2a62e7166c1db7a5%7C59c9148628a0612da3689288&cid=5ea26963e792ea55c7264da7%7C5e97fece3706f1266619c969%7C5ea84900c94b8975a9508d38&h=a8c7df678624ab28dfb5fe7d240e966ef3d997cc&d9=1000&ad=19.008&vi=100&ofpr=3.92074&imid=a18143d299197d55ece54d4124a7c504_1723150228_5981670&e=firstQuartile&ad=19.008&vi=100&d1=vpaid&fv=3&stk=1&cb=1639363622545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 38C7 35 B
174 B 32ms
31ms Image
image/gif 54.154.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdm5leHByZXNzLm5ldC8ifX0sImNiIjoxNjM5MzYzNjMwNDAwLCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjc0NzczIiwiY3VzdG9tOCI6IjUzNTA0NzE0IiwiY3VzdG9tMTEiOiIyMDIxLjEyLjA2LTE4LjE2LTUzZmEzNzkiLCJ4c2lkIjoiZTY2NjE0MjgtYTZlMi00MjdkLTk2ZjktY2Y3MGE0ZjI1MmFmIn19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-42-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 02:47:10 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 174ms
173ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=de932e4b-f6b6-7b26-3f9f-bfec690668ff&tv=%7Bc:wDNWqB,pingTime:-4,time:4888,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:18%7D,%7Bpiv:100,vs:i,r:,t:1329%7D%5D,ve:%7BvEventCount:41,vEvents:%5B%7Bt:-183,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-165,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-137,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-3,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:137,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:161,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:255,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:404,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:404,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:404,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:454,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:521,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:527,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:537,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:545,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:647,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:713,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:829,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:833,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1045,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1296,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1412,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1547,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1796,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2046,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2251,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3491,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3887,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:3990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4491,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4887,tp:adVideoFirstQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3559,o:1329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1324~0,2~100%5D,as:%5B1326~400.225%5D%7D%7D,%7Bsl:i,t:1329,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3557~100%5D,as:%5B3557~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:182,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:10 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4438,0,0,0,0%26mtos%3D4438,443...
ade.googlesyndication.com/ddm/activity/ Frame 4010 42 B
63 B 45ms
45ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4438,0,0,0,0%26mtos%3D4438,4438,4438,4438,4438%26amtos%3D0,0,0,0,0%26mcvt%3D4438%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4438%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3578%26pst%3D227%26vpaid%26dur%3D19008%26vmtime%3D3777%26dtos%3D2240%26dtoss%3D2%26dvs%3D2240%26dfvs%3D2240%26dvpt%3D2240%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4438,4438,4438,4438,4438%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D7002%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4438;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625205;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4010 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjyZfKLS2YbX8EduHgAf616aIDY38rMxi4bXE4M8Np-uivcABEAEgsK_iH2CV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgTnAU_QNXvy_hPyRpBUuMfXtA3WVAU8sBOj9wxHXOcleuas9UDblIRxn2pCPdjKhxJOlGIR2CXeebcqVsjOwnaPdA3TmIU6SaqSOI6TibIrU0u6PaE1RN88Byva8tG6G356OO_x8OcfLii6H8bCHA4yPxKeXTe8YgCgjwhzC6X6VBdPJ4K8-4TR6o2iZj_x8WKhHxXAIweAQsX4ceKKpnYq5IZrDn0wkOMgt8w3qFRNIEkDlOPZK4QIzv3I1QfR3ekVyBxO5KzTCt_dd8aSu8jljGTtCOr3-qB7DkDv-rrkbHzxNzNs3TjSN8AEpqHiprwD4AQDkAYBoAZOgAeCyYK2AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATxuWZDdATANgTA4gUA9gUAdAVAYAXAQ&sigh=2VzYCsDode4&label=videoplaytime25&ad_mt=4710&acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4438,0,0,0,0%26mtos%3D4438,4438,4438,4438,4438%26amtos%3D0,0,0,0,0%26mcvt%3D4438%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4438%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3578%26pst%3D227%26vpaid%26dur%3D19008%26vmtime%3D3777%26dtos%3D2240%26dtoss%3D2%26dvs%3D2240%26dfvs%3D2240%26dvpt%3D2240%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4438,4438,4438,4438,4438%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D7002%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4438&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625205&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNAkQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0BzCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAtwFSIxAEJWIQmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01IxwFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C60cb5f4d3b6dc13cf26e7244&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=2e0d086937fd53f539f5b8b574fca6b5915a0666&d9=1000&ad=19.008&vi=100&ofpr=2&imid=f8b6e25c550f024a48314bd53c0d0518_1723161124_594294&e=firstQuartile&ad=19.008&vi=100&d1=vpaid&fv=3&stk=1&cb=1639363622666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 178ms
178ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=de932e4b-f6b6-7b26-3f9f-bfec690668ff&tv=%7Bc:wDNWNS,pingTime:5,time:6331,type:p,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:18%7D,%7Bpiv:100,vs:i,r:,t:1329%7D%5D,ve:%7BvEventCount:48,vEvents:%5B%7Bt:-183,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-165,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-137,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-3,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:137,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:161,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:255,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:404,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:404,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:404,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:454,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:521,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:527,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:537,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:545,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:647,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:713,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:829,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:833,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1045,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1296,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1412,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1547,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1796,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2046,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2251,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3491,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3887,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:3990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4491,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4887,tp:adVideoFirstQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5137,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:5240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:1329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1324~0,2~100%5D,as:%5B1326~400.225%5D%7D%7D,%7Bsl:i,t:1329,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:179,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:11 GMT
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 179ms
178ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=ae4912f2-4970-94e4-3c1a-3f7cdfe93497&tv=%7Bc:wDNWOq,pingTime:5,time:6294,type:p,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:19%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,ve:%7BvEventCount:48,vEvents:%5B%7Bt:-283,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-239,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-187,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-5,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:38,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:99,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:287,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:304,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:303,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:304,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:447,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:456,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:485,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:592,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:692,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:760,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:944,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1192,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1308,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1441,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1694,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1944,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2180,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2383,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2631,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:3630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4788,tp:adVideoFirstQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5788,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:5880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5006,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1283~0,1~100%5D,as:%5B1284~400.225%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:178,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110%7C111,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:11 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 178ms
178ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=ae4912f2-4970-94e4-3c1a-3f7cdfe93497&tv=%7Bc:wDNXEK,pingTime:-4,time:9538,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:19%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,ve:%7BvEventCount:53,vEvents:%5B%7Bt:-283,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-239,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-187,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-5,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:38,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:99,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:287,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:304,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:303,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:304,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:447,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:456,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:485,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:592,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:692,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:760,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:944,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1192,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1308,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1441,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1694,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1944,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2180,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2383,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2631,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:3630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4788,tp:adVideoFirstQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5788,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:5880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6788,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:8038,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:9038,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:9538,tp:adVideoMidpoint,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:8250,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1283~0,1~100%5D,as:%5B1284~400.225%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B8249~100%5D,as:%5B8249~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:185,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110%7C111,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:15 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D9201,0,0,0,0%26mtos%3D9201,920...
ade.googlesyndication.com/ddm/activity/ Frame 11FB 42 B
63 B 45ms
44ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D9201,0,0,0,0%26mtos%3D9201,9201,9201,9201,9201%26amtos%3D0,0,0,0,0%26mcvt%3D9201%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9201%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D7336%26pst%3D228%26vpaid%26dur%3D19008%26vmtime%3D9014%26dtos%3D4750%26dtoss%3D3%26dvs%3D4750%26dfvs%3D4750%26dvpt%3D4750%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4750,4750,4750,4750,4750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D49%26emuc%3D0%26emb%3D49,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147482753%26psv%3D-2147482753%26psfv%3D-2147482753%26psa%3D0%26ptlt%3D11531%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,9201;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625145;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11FB 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTOYzKLS2Yc_nILGrrATm-4DAD438rMxi4bXE4M8Np-uivcABEAEg7YPjTWCV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgT3AU_QognJordff1VUAIced0py0MEccfMfkeOKCJsbj0A-RUfk53w2aGyZ1qAgeZBTxUnPrkz78EEQ2S3qQGCYA06hzbsuI7KSKyjxLwVEWA-plkJ87b4e5JHiyLBwRr57048y_Dhqcd1Ze-mkeGkCxN8QB7OSiygcaIbk38kDQb4vvBtWxvOxR9Az5ahXLiFoz5R2e1XODAPzttve5_dXxrA-trcx0DbgR8hrPuceAnVUq8g9qMm7oRvZUaGUv4t3HQoWEJuRSb1atViPfm-rrZ6jQawM0BgDJUvhhQhHLdy4_rYpH-hKMcOorFxL6CkvQ3sKBe1IUNTABKah4qa8A-AEA5AGAaAGToAHgsmCtgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc4ODE2NjQwNTkwNjEwMDSACgOYCwHICwGADAGwE8blmQ3QEwDYEwOIFAPYFAHQFQGAFwE&sigh=2crskPWe-2U&label=videoplaytime50&ad_mt=9459&acvw=sv%3D914%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D9201,0,0,0,0%26mtos%3D9201,9201,9201,9201,9201%26amtos%3D0,0,0,0,0%26mcvt%3D9201%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9201%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D7336%26pst%3D228%26vpaid%26dur%3D19008%26vmtime%3D9014%26dtos%3D4750%26dtoss%3D3%26dvs%3D4750%26dfvs%3D4750%26dvpt%3D4750%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4750,4750,4750,4750,4750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D49%26emuc%3D0%26emb%3D49,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147482753%26psv%3D-2147482753%26psfv%3D-2147482753%26psa%3D0%26ptlt%3D11531%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,9201&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625145&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNA0wEKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0AyCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAuQFSIxAEJWIQmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01I7AFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=5ea2693a68117d1c3c154dc6%7C5ea84ae409a41a723a209314%7C60938ff57621683c2c6776a3&pid=5e63d10e28a0614d2b01395e%7C5e4d2a2d2a62e7166c1db7a5%7C59c9148628a0612da3689288&cid=5ea26963e792ea55c7264da7%7C5e97fece3706f1266619c969%7C5ea84900c94b8975a9508d38&h=a8c7df678624ab28dfb5fe7d240e966ef3d997cc&d9=1000&ad=19.008&vi=100&ofpr=3.92074&imid=a18143d299197d55ece54d4124a7c504_1723150228_5981670&e=midpoint&ad=19.008&vi=100&d1=vpaid&fv=3&stk=1&cb=1639363622545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:15 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 185ms
184ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=de932e4b-f6b6-7b26-3f9f-bfec690668ff&tv=%7Bc:wDNXFd,pingTime:-4,time:9638,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:18%7D,%7Bpiv:100,vs:i,r:,t:1329%7D%5D,ve:%7BvEventCount:53,vEvents:%5B%7Bt:-183,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-165,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-137,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-3,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:137,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:161,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:255,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:404,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:404,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:404,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:454,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:521,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:527,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:537,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:545,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:647,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:713,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:829,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:833,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1045,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1296,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1412,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1547,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1796,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2046,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2251,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3491,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3887,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:3990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4491,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4887,tp:adVideoFirstQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5137,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:5240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6387,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:6490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:7637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:8637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:9637,tp:adVideoMidpoint,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:8309,o:1329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1324~0,2~100%5D,as:%5B1326~400.225%5D%7D%7D,%7Bsl:i,t:1329,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B8307~100%5D,as:%5B8307~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:184,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:15 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D9186,0,0,0,0%26mtos%3D9186,918...
ade.googlesyndication.com/ddm/activity/ Frame 4010 42 B
63 B 44ms
43ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D9186,0,0,0,0%26mtos%3D9186,9186,9186,9186,9186%26amtos%3D0,0,0,0,0%26mcvt%3D9186%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9186%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D7524%26pst%3D227%26vpaid%26dur%3D19008%26vmtime%3D8527%26dtos%3D4748%26dtoss%3D3%26dvs%3D4748%26dfvs%3D4748%26dvpt%3D4748%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4748,4748,4748,4748,4748%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D49%26emuc%3D0%26emb%3D49,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483153%26psv%3D-2147483153%26psfv%3D-2147483153%26psa%3D0%26ptlt%3D11750%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,9186;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625205;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4010 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjyZfKLS2YbX8EduHgAf616aIDY38rMxi4bXE4M8Np-uivcABEAEgsK_iH2CV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgTnAU_QNXvy_hPyRpBUuMfXtA3WVAU8sBOj9wxHXOcleuas9UDblIRxn2pCPdjKhxJOlGIR2CXeebcqVsjOwnaPdA3TmIU6SaqSOI6TibIrU0u6PaE1RN88Byva8tG6G356OO_x8OcfLii6H8bCHA4yPxKeXTe8YgCgjwhzC6X6VBdPJ4K8-4TR6o2iZj_x8WKhHxXAIweAQsX4ceKKpnYq5IZrDn0wkOMgt8w3qFRNIEkDlOPZK4QIzv3I1QfR3ekVyBxO5KzTCt_dd8aSu8jljGTtCOr3-qB7DkDv-rrkbHzxNzNs3TjSN8AEpqHiprwD4AQDkAYBoAZOgAeCyYK2AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATxuWZDdATANgTA4gUA9gUAdAVAYAXAQ&sigh=2VzYCsDode4&label=videoplaytime50&ad_mt=9460&acvw=sv%3D914%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D9186,0,0,0,0%26mtos%3D9186,9186,9186,9186,9186%26amtos%3D0,0,0,0,0%26mcvt%3D9186%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9186%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D7524%26pst%3D227%26vpaid%26dur%3D19008%26vmtime%3D8527%26dtos%3D4748%26dtoss%3D3%26dvs%3D4748%26dfvs%3D4748%26dvpt%3D4748%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4748,4748,4748,4748,4748%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D49%26emuc%3D0%26emb%3D49,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147483153%26psv%3D-2147483153%26psfv%3D-2147483153%26psa%3D0%26ptlt%3D11750%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,9186&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625205&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNAkQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0BzCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAtwFSIxAEJWIQmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01IxwFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C60cb5f4d3b6dc13cf26e7244&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=2e0d086937fd53f539f5b8b574fca6b5915a0666&d9=1000&ad=19.008&vi=100&ofpr=2&imid=f8b6e25c550f024a48314bd53c0d0518_1723161124_594294&e=midpoint&ad=19.008&vi=100&d1=vpaid&fv=3&stk=1&cb=1639363622666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:15 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 108ms
107ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=5ea2693a68117d1c3c154dc6%7C5ea84ae409a41a723a209314%7C60938ff57621683c2c6776a3&pid=5e63d10e28a0614d2b01395e%7C5e4d2a2d2a62e7166c1db7a5%7C59c9148628a0612da3689288&cid=5ea26963e792ea55c7264da7%7C5e97fece3706f1266619c969%7C5ea84900c94b8975a9508d38&h=a8c7df678624ab28dfb5fe7d240e966ef3d997cc&d9=1000&ad=19.008&vi=100&ofpr=3.92074&imid=a18143d299197d55ece54d4124a7c504_1723150228_5981670&e=sec10&vi=100&d1=vpaid&fv=3&cb=1639363622545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
105ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C60cb5f4d3b6dc13cf26e7244&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=2e0d086937fd53f539f5b8b574fca6b5915a0666&d9=1000&ad=19.008&vi=100&ofpr=2&imid=f8b6e25c550f024a48314bd53c0d0518_1723161124_594294&e=sec10&vi=100&d1=vpaid&fv=3&cb=1639363622666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 186ms
185ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=ae4912f2-4970-94e4-3c1a-3f7cdfe93497&tv=%7Bc:wDNYTm,pingTime:-4,time:14288,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:19%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,ve:%7BvEventCount:58,vEvents:%5B%7Bt:-283,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-239,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-187,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-5,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:38,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:99,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:287,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:304,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:303,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:304,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:436,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:447,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:456,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:485,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:592,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:692,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:760,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:944,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1192,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1308,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1441,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1694,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1944,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2180,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2383,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2631,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:3630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4788,tp:adVideoFirstQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5630,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5788,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:5880,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6130,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6380,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6788,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:8038,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:9038,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:9538,tp:adVideoMidpoint,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:10288,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:11538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:12538,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:13788,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:14288,tp:adVideoThirdQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:13000,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1283~0,1~100%5D,as:%5B1284~400.225%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12998~100%5D,as:%5B12998~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:183,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110%7C111,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:19 GMT
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D13949,0,0,0,0%26mtos%3D13949,1...
ade.googlesyndication.com/ddm/activity/ Frame 11FB 42 B
63 B 44ms
44ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9fyKtOHf9AIVjeAbCh1IwQIgEAAYACDLvupMQhMIz5v-s-Hf9AIVsRWLCh3mPQD4;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D13949,0,0,0,0%26mtos%3D13949,13949,13949,13949,13949%26amtos%3D0,0,0,0,0%26mcvt%3D13949%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13949%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11281%26pst%3D228%26vpaid%26dur%3D19008%26vmtime%3D13764%26dtos%3D4748%26dtoss%3D4%26dvs%3D4748%26dfvs%3D4748%26dvpt%3D4748%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4748,4748,4748,4748,4748%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D72%26emuc%3D0%26emb%3D72,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147467393%26psv%3D-2147467393%26psfv%3D-2147467393%26psa%3D0%26ptlt%3D16279%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,13949;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625145;ecn1=1;etm1=0;eid1=960585;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11FB 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTOYzKLS2Yc_nILGrrATm-4DAD438rMxi4bXE4M8Np-uivcABEAEg7YPjTWCV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgT3AU_QognJordff1VUAIced0py0MEccfMfkeOKCJsbj0A-RUfk53w2aGyZ1qAgeZBTxUnPrkz78EEQ2S3qQGCYA06hzbsuI7KSKyjxLwVEWA-plkJ87b4e5JHiyLBwRr57048y_Dhqcd1Ze-mkeGkCxN8QB7OSiygcaIbk38kDQb4vvBtWxvOxR9Az5ahXLiFoz5R2e1XODAPzttve5_dXxrA-trcx0DbgR8hrPuceAnVUq8g9qMm7oRvZUaGUv4t3HQoWEJuRSb1atViPfm-rrZ6jQawM0BgDJUvhhQhHLdy4_rYpH-hKMcOorFxL6CkvQ3sKBe1IUNTABKah4qa8A-AEA5AGAaAGToAHgsmCtgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc4ODE2NjQwNTkwNjEwMDSACgOYCwHICwGADAGwE8blmQ3QEwDYEwOIFAPYFAHQFQGAFwE&sigh=2crskPWe-2U&label=videoplaytime75&ad_mt=14209&acvw=sv%3D914%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D13949,0,0,0,0%26mtos%3D13949,13949,13949,13949,13949%26amtos%3D0,0,0,0,0%26mcvt%3D13949%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13949%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11281%26pst%3D228%26vpaid%26dur%3D19008%26vmtime%3D13764%26dtos%3D4748%26dtoss%3D4%26dvs%3D4748%26dfvs%3D4748%26dvpt%3D4748%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4748,4748,4748,4748,4748%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D794%26femvt%3D0%26emc%3D72%26emuc%3D0%26emb%3D72,0,0,0,0%26avms%3Dexc%26qi%3D582852240%26psm%3D-2147467393%26psv%3D-2147467393%26psfv%3D-2147467393%26psa%3D0%26ptlt%3D16279%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,13949&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625145&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNA0wEKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0AyCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAuQFSIxAEJWIQmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01I7AFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 109ms
108ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=28979&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=3&aafaid=&proto=https&uid=1639363622392-936944863393-007097-008-008467&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=50841605144&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=5ea2693a68117d1c3c154dc6%7C5ea84ae409a41a723a209314%7C60938ff57621683c2c6776a3&pid=5e63d10e28a0614d2b01395e%7C5e4d2a2d2a62e7166c1db7a5%7C59c9148628a0612da3689288&cid=5ea26963e792ea55c7264da7%7C5e97fece3706f1266619c969%7C5ea84900c94b8975a9508d38&h=a8c7df678624ab28dfb5fe7d240e966ef3d997cc&d9=1000&ad=19.008&vi=100&ofpr=3.92074&imid=a18143d299197d55ece54d4124a7c504_1723150228_5981670&e=thirdQuartile&ad=19.008&vi=100&d1=vpaid&fv=3&stk=1&cb=1639363622545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 179ms
179ms Image
image/gif 52.35.244.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=674773&asId=de932e4b-f6b6-7b26-3f9f-bfec690668ff&tv=%7Bc:wDNYTO,pingTime:-4,time:14388,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.h.v,w:400,h:225,t:18%7D,%7Bpiv:100,vs:i,r:,t:1329%7D%5D,ve:%7BvEventCount:58,vEvents:%5B%7Bt:-183,tp:adLoaded,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-165,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-137,tp:adStarted,sl:o,ad_duration:19,width:400,height:225,volume:0%7D,%7Bt:-3,tp:volumeChanged,sl:o,ad_duration:19,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:137,tp:adDurationChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:161,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:255,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:404,tp:adImpression,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:404,tp:adVideoStart,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:404,tp:adRemainingTimeChange,sl:o,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:454,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:521,tp:resizeAd,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:527,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:537,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:545,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:647,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:713,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:829,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:833,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1045,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1296,tp:volumeChanged,sl:o,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1412,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:1547,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1796,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2046,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2251,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:2740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3491,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3887,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:3990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4491,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4887,tp:adVideoFirstQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:4990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5137,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:5240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5740,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5990,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6240,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6387,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:6490,tp:volumeChanged,sl:i,ad_duration:19.008,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:7637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:8637,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:9637,tp:adVideoMidpoint,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:9887,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:10888,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:12137,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:13387,tp:adRemainingTimeChange,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D,%7Bt:14387,tp:adVideoThirdQuartile,sl:i,ad_duration:19.008,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:13059,o:1329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:0,obst:0,th:0,reas:l.h.v,bkn:%7Bpiv:%5B1324~0,2~100%5D,as:%5B1326~400.225%5D%7D%7D,%7Bsl:i,t:1329,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B13057~100%5D,as:%5B13057~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:193,fm:sRrcHIB+1*.674773-53504714%7C11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C161%7C1621%7C163%7C164%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o%7C1p1%7C1q%7C1r1%7C1s1%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.244.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-244-206.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:19 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D13939,0,0,0,0%26mtos%3D13939,1...
ade.googlesyndication.com/ddm/activity/ Frame 4010 42 B
63 B 45ms
45ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm8-KtOHf9AIVQk0bCh3N0wxdEAAYACDLvupMQhMItbDvs-Hf9AIV2wPgCh36qwnR;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D13939,0,0,0,0%26mtos%3D13939,13939,13939,13939,13939%26amtos%3D0,0,0,0,0%26mcvt%3D13939%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13939%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11474%26pst%3D227%26vpaid%26dur%3D19008%26vmtime%3D13277%26dtos%3D4753%26dtoss%3D4%26dvs%3D4753%26dfvs%3D4753%26dvpt%3D4753%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4753,4753,4753,4753,4753%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D73%26emuc%3D0%26emb%3D73,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147469329%26psv%3D-2147469329%26psfv%3D-2147469329%26psa%3D0%26ptlt%3D16503%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,13939;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625205;ecn1=1;etm1=0;eid1=960585;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4010 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjyZfKLS2YbX8EduHgAf616aIDY38rMxi4bXE4M8Np-uivcABEAEgsK_iH2CV0oiCmAfIAQWpArkqj33C_LI-qAMByAMTmAQAqgTnAU_QNXvy_hPyRpBUuMfXtA3WVAU8sBOj9wxHXOcleuas9UDblIRxn2pCPdjKhxJOlGIR2CXeebcqVsjOwnaPdA3TmIU6SaqSOI6TibIrU0u6PaE1RN88Byva8tG6G356OO_x8OcfLii6H8bCHA4yPxKeXTe8YgCgjwhzC6X6VBdPJ4K8-4TR6o2iZj_x8WKhHxXAIweAQsX4ceKKpnYq5IZrDn0wkOMgt8w3qFRNIEkDlOPZK4QIzv3I1QfR3ekVyBxO5KzTCt_dd8aSu8jljGTtCOr3-qB7DkDv-rrkbHzxNzNs3TjSN8AEpqHiprwD4AQDkAYBoAZOgAeCyYK2AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATxuWZDdATANgTA4gUA9gUAdAVAYAXAQ&sigh=2VzYCsDode4&label=videoplaytime75&ad_mt=14210&acvw=sv%3D914%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D13939,0,0,0,0%26mtos%3D13939,13939,13939,13939,13939%26amtos%3D0,0,0,0,0%26mcvt%3D13939%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13939%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11474%26pst%3D227%26vpaid%26dur%3D19008%26vmtime%3D13277%26dtos%3D4753%26dtoss%3D4%26dvs%3D4753%26dfvs%3D4753%26dvpt%3D4753%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4753,4753,4753,4753,4753%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1149%26femvt%3D0%26emc%3D73%26emuc%3D0%26emb%3D73,0,0,0,0%26avms%3Dexc%26qi%3D770485860%26psm%3D-2147469329%26psv%3D-2147469329%26psfv%3D-2147469329%26psa%3D0%26ptlt%3D16503%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,13939&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639363625205&sdkv=h.3.491.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODc5NTExNjY4MDNAkQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODUwNjcyMzIyCTE2MTEyODI2N0BzCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg1MDY3MjMyMgkxNjExMjgyNjdAtwFSIxAEJWIQmEEoAToLMTYxMTI4MjY3LTFCBEdEQ01IxwFQAGABGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 02:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 34.201.197.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=78581&t=1639363622&cip=168.119.25.199&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1639363622555-925571806393-006971-002-004166&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=92705622604&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C60cb5f4d3b6dc13cf26e7244&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=2e0d086937fd53f539f5b8b574fca6b5915a0666&d9=1000&ad=19.008&vi=100&ofpr=2&imid=f8b6e25c550f024a48314bd53c0d0518_1723161124_594294&e=thirdQuartile&ad=19.008&vi=100&d1=vpaid&fv=3&stk=1&cb=1639363622666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-197-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:47:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1273/eclick/ea3.js

Domain: logperf.vnexpress.net
URL: https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1639363560000&timecookie=&timeclient=1639388819000

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/gtm/js?id=GTM-P5FWR6V&t=gtm5&cid=943032122.1639363619

Domain: la.vnecdn.net
URL: https://la.vnecdn.net/get?action_name=vnexpress.net%2FVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&idsite=6&rec=1&r=007762&h=2&m=47&s=0&url=https%3A%2F%2Fvnexpress.net%2F&urlref=https%3A%2F%2Fvnexpress.net%2F&_id=f06807c7061fd34e&_idts=1639363620&_idvc=1&_idn=1&_refts=0&_viewts=1639363620&cvar=%7B%222%22%3A%5B%22tt_category_id%22%2C%221000000%22%5D%2C%223%22%3A%5B%22tt_article_id%22%2C%221000000%22%5D%2C%226%22%3A%5B%22keyword%22%2C%22VnExpress%2C%20tin%20t%E1%BB%A9c%2C%20tin%20the%20gioi%2C%20tin%20nhanh%2C%20tin%20tuc%20viet%20nam%2C%20doc%20bao%20VnExpress%20tin%20t%E1%BB%A9c%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20-%20Th%C3%B4ng%20tin%20nhanh%20%26%20ch%C3%ADnh%20x%C3%A1c%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%ADp%20nh%E1%BA%ADt%20h%C3%A0ng%20gi%E1%BB%9D.%20%C4%90%E1%BB%8Dc%20b%C3%A1o%20tin%20t%E1%BB%A9c%20online%20Vi%E1%BB%87t%20Nam%20%26%20Th%E1%BA%BF%20gi%E1%BB%9Bi%20n%C3%B3ng%20%22%5D%7D&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22null%22%5D%2C%225%22%3A%5B%22CPMS_LOG%22%2C%22null%22%5D%2C%227%22%3A%5B%22fosp_aid_bk%22%2C%22aun2quh3kq32b41i.1639363620.des%22%5D%7D&gt_ms=295&fosp_id=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AA0CBE7DbWgAAEzqjHsDFQ&gdpr=0

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2304492&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=f55f25be-5bbe-11ec-ab9e-c11f7817a48e

Domain: gcdn.2mdn.net
URL: https://gcdn.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/47BE9E10328E8D8F62D49C5ECFE196BDCC1A03F0.B1D6314DC73F56F9A962C397E08A8F4C75885D46/key/ck2/file/file.mp4

Domain: gcdn.2mdn.net
URL: https://gcdn.2mdn.net/videoplayback/id/bc0324f46ed5026e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3780925452/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/47BE9E10328E8D8F62D49C5ECFE196BDCC1A03F0.B1D6314DC73F56F9A962C397E08A8F4C75885D46/key/ck2/file/file.mp4

Verdicts & Comments Add Verdict or Comment

323 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vnexpress.net/	1970-01-19 23:23:12	Name: device_env Value: 4
.vnexpress.net/	1970-01-19 23:32:48	Name: sw_version Value: 1
vnexpress.net/	1970-01-19 23:22:47	Name: _efr Value: 1639363560000
.vnexpress.net/	1970-01-19 23:24:10	Name: _gid Value: GA1.2.234492645.1639363619
.vnexpress.net/	1970-01-19 23:22:43	Name: _dc_gtm_UA-50285069-28 Value: 1
.vnexpress.net/	1970-01-20 16:53:55	Name: _ga_DQJ7NF9DN2 Value: GS1.1.1639363619.1.0.1639363619.60
.vnexpress.net/	1970-01-20 16:53:55	Name: _ga_57577CKS2C Value: GS1.1.1639363619.1.0.1639363619.60
.vnexpress.net/	1970-01-20 08:06:53	Name: fosp_aid Value: aun2quh3kq32b41i.1639363620.des
.vnexpress.net/	1970-01-20 08:06:53	Name: orig_aid Value: aun2quh3kq32b41i.1639363620.des
.vnexpress.net/	1970-01-19 23:22:45	Name: _pk_cvar Value: %7B%224%22%3A%5B%22fosp_aid%22%2C%22null%22%5D%2C%225%22%3A%5B%22CPMS_LOG%22%2C%22null%22%5D%2C%227%22%3A%5B%22fosp_aid_bk%22%2C%22aun2quh3kq32b41i.1639363620.des%22%5D%7D
.vnexpress.net/	1970-01-20 16:53:55	Name: _pk_id Value: f06807c7061fd34e.1639363620.1.1639363620.1639363620.
.vnexpress.net/	1970-01-19 23:22:45	Name: _pk_ses Value: *
.vnexpress.net/	1970-01-20 08:08:19	Name: login_system Value: 1
.vnexpress.net/	1970-01-19 23:24:00	Name: display_cpd Value: 0
.adp.vnecdn.net/	1970-01-20 08:08:44	Name: fosp_aid Value: aun2quh3kq32b41i.1639363620.des
.adp.vnecdn.net/	1970-01-20 08:08:44	Name: orig_aid Value: aun2quh3kq32b41i.1639363620.des
.vnexpress.net/	1970-01-20 08:08:19	Name: fpt_uuid Value: %22d166cbf3-01dc-4b84-909a-d256e7ecf8f4%22
.vnexpress.net/	1970-01-20 08:08:19	Name: ajs_group_id Value: null
.adnxs.com/	1970-01-20 01:32:19	Name: uuid2 Value: 938033878257425291
la2.vnecdn.net/	1970-01-20 00:05:55	Name: fosp_aid Value: aun2quh3kq32b41i.1639363620.des
la2.vnecdn.net/	1970-01-20 00:05:55	Name: orig_aid Value: aun2quh3kq32b41i.1639363620.des
.spotxchange.com/	1970-01-20 08:08:19	Name: audience Value: f2524b4f-5bbe-11ec-bd4c-1ab0ad8d0506
.vnexpress.net/	1970-01-19 23:24:10	Name: fosp_loc Value: 40622-0-DE
.octopus-stream01-cads.fpt.vn/	1970-01-23 14:58:43	Name: cdp_uuid Value: d166cbf3-01dc-4b84-909a-d256e7ecf8f4
.doubleclick.net/	1970-01-20 08:44:19	Name: IDE Value: AHWqTUmadgC_vzC5n6A1T8QhltI4V7RMPEK9kCU0VMEksg_sPZ_N9AT2bu_SKArRuPs
usi-saas.vnexpress.net/	1970-01-19 23:22:45	Name: usi.saas Value: s%3AdQaz7CiivUs-XQoAVflBh88EoTRmK4gQ.wrPi7MUGOUG2VVO37CkvgHIZxTHrgfDAUA71yqBWPWc
.vnexpress.net/	1970-01-20 16:53:55	Name: _ga Value: GA1.2.943032122.1639363619
.vnexpress.net/	1970-01-19 23:22:43	Name: _gat_gtag_UA_44808995_10 Value: 1
.adsrvr.org/	1970-01-20 08:08:19	Name: TDID Value: 9a0d967a-c2dd-49fd-b870-fdc8844ec57c
.ad-srv.net/	1970-01-20 01:32:19	Name: pwzdy6wsn8n7_uid Value: f0ab341ca25b6d86
.awin1.com/	1970-01-19 23:27:02	Name: awpv11430 Value: 473322\|1639363622\|f30d9431-5bbe-11ec-b793-2236c2b2c5ff
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 361931:2950366
.creative.mlsat02.de/	1970-01-20 00:49:07	Name: trs Value: 53758022%3B908cbadb724971cc9012ced767276cc8%3B11430_473322_1639363622_f3052fc0-5bbe-11ec-8643-22623bd97fb3%3B
.telekom.de/	1970-01-19 23:27:02	Name: viewvpnr Value: MetaPeople\|pv-NTM3NTgwMjI7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzkzNjM2MjJfZjMwNTJmYzAtNWJiZS0xMWVjLTg2NDMtMjI2MjNiZDk3ZmIzOw..\|VB1049\|59814\|59814\|1-1105148698\|\|4001780
.vnexpress.net/	1970-01-20 08:44:19	Name: __gads Value: ID=e67309d769fb5a1a:T=1639363621:S=ALNI_MbEnTY2UeZlY7KVtuhbXhdj_GPRfg
.adform.net/	1970-01-20 00:07:22	Name: C Value: 1
.adform.net/	1970-01-20 00:49:07	Name: uid Value: 2093463165018036868
.adform.net/	1970-01-19 23:32:48	Name: TPC Value: 1639363622446
.urekamedia.com/	1970-01-20 12:20:19	Name: OptUID Value: 70163936362230
.advertising.com/	1970-01-20 08:09:46	Name: APID Value: UPf350b7c9-5bbe-11ec-90c4-0650eaacc0c0
.aniview.com/	1970-01-19 23:37:07	Name: aniC Value: 1639363622555-925571806393-006971-002-004166
.360yield.com/	1970-01-20 01:32:19	Name: tuuid Value: 46d1d8a9-db20-4a84-9b08-281cc892a497
.360yield.com/	1970-01-20 01:32:19	Name: tuuid_lu Value: 1639363622
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: def8c5a744981faee6bfcc6931f9370
.1rx.io/	1970-01-20 08:08:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003%22%7D
.adnxs.com/	1970-01-20 01:32:19	Name: icu Value: ChgIp-9fEAoYASABKAEwpOjajQY4AUABSAEKGAi4420QChgBIAEoATCm6NqNBjgBQAFIARCm6NqNBhgB
.targeting.unrulymedia.com/	1970-01-20 08:08:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003%22%7D
.technoratimedia.com/	1970-01-21 19:10:43	Name: tads_uid Value: GDPR
.rubiconproject.com/	1970-01-20 08:08:19	Name: khaos Value: KX42RV09-27-H1SE
.aniview.com/	1970-01-19 23:24:10	Name: 2_C_22 Value: 46d1d8a9-db20-4a84-9b08-281cc892a497
sync.aniview.com/	1970-01-19 23:24:10	Name: 2_C_22 Value: 46d1d8a9-db20-4a84-9b08-281cc892a497
.aniview.com/	1970-01-19 23:24:10	Name: 2_C_200 Value: RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003
sync.aniview.com/	1970-01-19 23:24:10	Name: 2_C_200 Value: RX-11dd3b59-d28a-41ef-b87d-05a21dd9a62a-003
.aniview.com/	1970-01-19 23:24:10	Name: 2_C_55 Value: 938033878257425291
sync.aniview.com/	1970-01-19 23:24:10	Name: 2_C_55 Value: 938033878257425291
.rlcdn.com/	1970-01-20 08:08:19	Name: rlas3 Value: 6dmvRdGt3kXL0uCekLGtFRSNq32d9+YhHZxPeIvZyaU=
.rlcdn.com/	1970-01-20 00:49:07	Name: pxrc Value: CAA=
.criteo.com/	1970-01-20 08:44:19	Name: uid Value: 65bfdbe7-28fa-4a45-9227-97da3db62d14
.everesttech.net/	1970-01-20 08:08:19	Name: everest_g_v2 Value: g_surferid~Yba0JwALfr-rIgAz
.vnexpress.net/	1970-01-20 08:44:19	Name: cto_bundle Value: LrPBPF9xaDZJdVdDaW8yUThpYVBRbE5TZldVdGRMckpsNk5lekglMkZzcGZJU1I3Y0k3Zk1yOEFCYWZpJTJCeU1nVUh6RElMQWt4d1dBSFRRekhZUlpRSk0yOXU0RWNEZlNmWDhKWGR5aDBCbmtobVR3bzRwdEtOQmlEYWFGakNOZTZ3emlGS0JZQTU1T3lCQ1VKVjdEQmIyZW5tdjNnJTNEJTNE
ads.stickyadstv.com/	1970-01-20 00:05:55	Name: UID Value: 69eb21548d8fd41a3f31896b7cdf8138
.yahoo.com/	1970-01-20 08:08:41	Name: A3 Value: d=AQABBCe0tmECECS63whnX1RyPQOlKhMex7AFEgEBAQEFuGHAYQAAAAAA_eMAAA&S=AQAAAvieqYIucxdel7NMJ4W67_I
ads.stickyadstv.com/	1970-01-19 23:42:53	Name: uid-bp-30833 Value: 1
.fwmrm.net/	1970-01-20 03:41:55	Name: _uid Value: "l032a_7041013147037783767"
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-36033 Value: l032a_7041013147037783767
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: MRM_UID Value: l032a_7041013147037783767
.rubiconproject.com/	1970-01-20 08:08:19	Name: audit Value: 1\|sGO2TrjXO3To9qCQum2dS3iR6BWaUqmE0zVymDYpGgIOH2Ooa86/bKmIXoP3ifQzZPsteoFuPUHLv0ZnN1+t0WpeS2MlTsz5tvacoCptBQ48RB4ue1M5/zUo0QP1TIAq9TDIfB9kYOtALrS87woQ1X5L2q9qmCNPBGBWt6IEQb9GzKDbmpOAkfr2txpHIO+WQglbQ0zTchcQ34WIKQkJYkGe5df31h8KdhEt/Dlz318CeKllS49mk60yXmu5JAcZiOGrbGIBCr9e6v2KG6444biCYzSWP7j+lOyCXXZigKNuJAeEy/aME22WTdwuMuaAyqt4ohc5wWWQMl5/9HYmlw/D4awrVo3EGpPqc0uZCul0NQ91ihtFtvIs7joTOKgHqusxtkTkyIwq2j8UqcK3tSVhu+sKeVKsiAPAm7Zo0kfOao5DTvj+ws6go6/1Gn8EhXmDkXMNEu7Dm5xBB77c8zmX7ABkmwk4K0N42l/z2BlnbLUCa/lQcmncuGwUQODolOyCXXZigKOkijDvRvoOtK9AkE8z0xSP
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 10689
.adaptv.advertising.com/	1970-01-20 16:53:55	Name: migrated2y Value: "1"
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-159 Value: CAESEK3LK48L7IGVfJg_5eCiiDc
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-892 Value: 9a0d967a-c2dd-49fd-b870-fdc8844ec57c
.adsrvr.org/	1970-01-20 08:08:19	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMj7roGc-546EAUYASABKAIyCwiEn7m6svueOhAFOAFaCXN0aWNreWFkc2AC
.pubmatic.com/	1970-01-19 23:24:10	Name: KTPCACOOKIE Value: YES
ads.stickyadstv.com/	1970-01-20 00:05:55	Name: uid-bp-717 Value: y-M3u38XxE2oMiUiJnb49o8phV3Q00ZdzsLgmF7x0L~A
.pubmatic.com/	1970-01-20 01:32:19	Name: SyncRTB3 Value: 1640563200%3A220
.pubmatic.com/	1970-01-20 01:32:19	Name: KADUSERCOOKIE Value: 5C11912A-55C3-4296-827A-1FEAF997748E
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-951 Value: 938033878257425291
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-45 Value: Yba0JwALfr-rIgAz
.mathtag.com/	1970-01-20 08:48:38	Name: uuid Value: 40bc61b6-b428-4900-a369-bc1c52663bee
.pubmatic.com/	1970-01-20 01:32:19	Name: PUBMDCID Value: 3
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-529 Value: 40bc61b6-b428-4900-a369-bc1c52663bee
.pubmatic.com/	1970-01-19 23:24:10	Name: pi Value: 158804:3
.pubmatic.com/	1970-01-20 01:32:19	Name: chkChromeAb67Sec Value: 2
.w55c.net/	1970-01-20 00:05:55	Name: matchfreewheel Value: 5
.w55c.net/	1970-01-20 08:52:58	Name: wfivefivec Value: 5VlsAzkk1MWBmM5
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-23329 Value: 5VlsAzkk1MWBmM5
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-617 Value: 2093463165018036868
.bidr.io/	1970-01-20 08:51:13	Name: bitoIsSecure Value: ok
.adnxs.com/	1970-01-20 01:32:19	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?fdYiG(!]tbP6j2F-XstGt!@D]h$hs#.
.tapad.com/	1970-01-20 00:49:07	Name: TapAd_TS Value: 1639363625374
.tapad.com/	1970-01-20 00:49:07	Name: TapAd_DID Value: 47e532b5-e307-4674-bed7-a58e0cc113de
.bidr.io/	1970-01-20 08:51:13	Name: bito Value: AAvgzU7DbWgAAExgjHsDFQ
ads.stickyadstv.com/	1970-01-20 00:05:55	Name: uid-bp-26913 Value: AAvgzU7DbWgAAExgjHsDFQ
.turn.com/	1970-01-20 03:41:55	Name: uid Value: 3011341032875855536
ads.stickyadstv.com/	1970-01-20 00:05:55	Name: uid-bp-171 Value: 8775667080933379760
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-25522 Value: no-consent
ads.stickyadstv.com/	1970-01-20 00:49:07	Name: uid-bp-25746 Value: f55f25be-5bbe-11ec-ab9e-c11f7817a48e
.ipredictive.com/	1970-01-20 08:08:19	Name: cu Value: f56fc75c-5bbe-11ec-8c83-177285b9e4ae\|1639363626130

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://vnexpress.net/ Message: Failed to decode downloaded font: data:application/font-woff2,
network	error	URL: https://la.vnecdn.net/get?action_name=vnexpress.net%2FVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&idsite=6&rec=1&r=007762&h=2&m=47&s=0&url=https%3A%2F%2Fvnexpress.net%2F&urlref=https%3A%2F%2Fvnexpress.net%2F&_id=f06807c7061fd34e&_idts=1639363620&_idvc=1&_idn=1&_refts=0&_viewts=1639363620&cvar=%7B%222%22%3A%5B%22tt_category_id%22%2C%221000000%22%5D%2C%223%22%3A%5B%22tt_article_id%22%2C%221000000%22%5D%2C%226%22%3A%5B%22keyword%22%2C%22VnExpress%2C%20tin%20t%E1%BB%A9c%2C%20tin%20the%20gioi%2C%20tin%20nhanh%2C%20tin%20tuc%20viet%20nam%2C%20doc%20bao%20VnExpress%20tin%20t%E1%BB%A9c%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20-%20Th%C3%B4ng%20tin%20nhanh%20%26%20ch%C3%ADnh%20x%C3%A1c%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%ADp%20nh%E1%BA%ADt%20h%C3%A0ng%20gi%E1%BB%9D.%20%C4%90%E1%BB%8Dc%20b%C3%A1o%20tin%20t%E1%BB%A9c%20online%20Vi%E1%BB%87t%20Nam%20%26%20Th%E1%BA%BF%20gi%E1%BB%9Bi%20n%C3%B3ng%20%22%5D%7D&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22null%22%5D%2C%225%22%3A%5B%22CPMS_LOG%22%2C%22null%22%5D%2C%227%22%3A%5B%22fosp_aid_bk%22%2C%22aun2quh3kq32b41i.1639363620.des%22%5D%7D&gt_ms=295&fosp_id=null Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AA0CBE7DbWgAAEzqjHsDFQ&gdpr=0 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=f55f25be-5bbe-11ec-ab9e-c11f7817a48e Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2304492&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

364187f7114c8ddc8da01761c316e14f.safeframe.googlesyndication.com
3968fbf4f534237bc734b3858094abe1.safeframe.googlesyndication.com
452794cdd616c40f780ec3019325128a.safeframe.googlesyndication.com
aaa.artefact.com
accounts.google.com
acdn.adnxs.com
acds.prod.vidible.tv
ad.360yield.com
ad.ad-srv.net
ad23.ad-srv.net
ade.googlesyndication.com
adp.vnecdn.net
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.google.com
api-35-163-20-150.b2c.com
api.fouanalytics.com
bd.urekamedia.com
bid.g.doubleclick.net
bidder.criteo.com
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.jsdelivr.net
cdn.stickyadstv.com
cdnjs.cloudflare.com
cdzp1.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
core.polyad.net
creative.mlsat02.de
csi.gstatic.com
de1-bid.adsrvr.org
dt.adsafeprotected.com
ebs08.telekom.de
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.eclick.vn
gcdn.2mdn.net
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
gw.vnexpress.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
is.vnecdn.net
la.vnecdn.net
la2.vnecdn.net
logperf.vnexpress.net
match.adsrvr.org
mug.criteo.com
octopus-stream01-cads.fpt.vn
optimize.urekamedia.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
px.moatads.com
r3---sn-4g5ednld.c.2mdn.net
rechtstexte.s3.amazonaws.com
s.amazon-adsystem.com
s.eclick.vn
s.update.rubiconproject.com
s.vnecdn.net
s0.2mdn.net
s1.adform.net
s1.vnecdn.net
s1cdn.vnecdn.net
scdn.eclick.vn
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
solution.urekamedia.com
static.adsafeprotected.com
static.criteo.net
static.eclick.vn
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.1rx.io
tapestry.tapad.com
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track1.aniview.com
tracking.mlsat02.de
trk.vidible.tv
unified.adsafeprotected.com
usi-saas.vnexpress.net
v4-api-35-163-20-150.b2c.com
vcdn1-dulich.vnecdn.net
vcdn1-giaitri.vnecdn.net
vcdn1-kinhdoanh.vnecdn.net
vcdn1-thethao.vnecdn.net
vcdn1-vnexpress.vnecdn.net
vnexpress.net
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
ads.stickyadstv.com
gcdn.2mdn.net
la.vnecdn.net
logperf.vnexpress.net
s1.vnecdn.net
sync.ipredictive.com
www.google-analytics.com
www.googletagmanager.com
1.55.119.42
103.132.192.30
104.111.239.217
111.65.248.197
111.65.248.227
111.65.249.130
111.65.249.131
111.65.249.224
111.65.249.226
111.65.250.2
111.65.251.2
111.65.251.70
125.212.217.26
13.224.96.2
13.224.96.51
142.250.185.194
142.250.185.66
142.250.186.130
151.101.1.108
151.101.2.49
178.250.0.165
178.250.2.146
18.158.154.136
18.196.67.255
18.208.85.173
180.148.129.21
180.148.132.197
180.148.132.75
185.29.132.245
185.33.221.88
185.64.189.112
185.64.190.79
185.64.190.80
185.94.180.124
185.94.180.126
193.122.128.135
198.47.127.19
2.18.233.180
2.18.234.233
2.18.235.40
2001:4de0:ac19::1:b:1b
213.19.147.42
213.19.147.45
23.79.143.124
2600:9000:2190:9c00:8:48e:53c0:93a1
2606:4700:20::681a:723
2606:4700:3035::ac43:ad49
2606:4700:3036::ac43:c834
2606:4700::6810:125e
2606:4700::6810:5614
2607:f8b0:400c:c13::5e
2a00:1288:80:800::7000
2a00:1288:80:800::7001
2a00:1450:4001:5d::8
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200d
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2006
2a00:1450:4001:828::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c08::9c
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:28a::2c79
2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8
2a0b:4d07:101::1
34.201.197.184
34.240.93.178
34.247.8.190
34.251.154.165
35.157.211.26
35.163.20.150
35.172.120.178
35.227.248.159
35.244.174.68
37.157.4.25
37.157.6.236
37.252.172.249
47.241.71.179
51.178.130.209
51.68.117.182
52.218.91.50
52.223.40.198
52.35.244.206
52.41.9.160
52.46.130.91
52.57.42.190
54.154.42.245
54.229.48.81
74.125.71.155
76.223.26.175
78.46.23.46
8.39.36.141
8.39.36.142
80.158.66.20
88.99.219.174
006a596e4a6d95285f3e3232f30814c7273060e7fa1ba3a66a5dc71269044ab7
0092b2b2a89deb98cb1a154fa658a05a85fb13c18cb8473f1c19b4eded77f9b3
02772910bcc51ff0c2c0c6143200b527af322aab3c3a966223901f0d25f79842
0337c1c5938482b38354b1163d0fb97e00cdd1b8992090526b15a4f1e5012103
03d2f9cf73ae47da5ef4d7fea01ccb2a83e54096776f8dfe6034e5d2b3bb03f6
06180cb3884a7206a1e9a48dcfaf38b8b3bcfa85f3cf99276d1697d93660e6e2
06d04081124877665da7c29904fb3b4678c221aa3994f65de59cb5e795ab027e
089254d65cf5d80aed690e39295de84ddef3b71576be05dad0c22a2284db7b20
090f6609ab46ca56313d8ddf62ef2185fed4846b2271b77f5f5f95af5cda24dc
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0a512c6991071ee2b53331c5bedd46a813792fdb76e669789833c54c8e26b6f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e028461ad8b60b2ea37f9c003d251f33218dfaa70ca6f6d507863d487c1eb96
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768
15aed0593ab01dff02bf7af9ce996ca63ed3a4f03877928f72a88d214ceaabda
1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0
18afcfc6da5c7d7293d22e6cbc71686fdc6c8cb55bb2d2902b2d38e3ef956e4c
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1ad33e796747efa6a1803f7d0ca50d1b3b8be4f453df10136934378ee733a435
1bab0de3bb5762ae321572182627df9edcc968bd81875be3deeb792d66d77d16
1c29406cd92883568c90d5396b549f283da34d5e2abece2cbc4e02b4336ebc2f
1d081ea9c4f5f4e37a50fc579a424a183000df898ec166e20f3ecbab54cb4655
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea
1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924
2005d8c062d032e2712bd1c2b58c0f8d3972b9301e98ea7a1b2c2643448ff238
228c6c180aca3421e4b3c73d18ad536ac64482739c46fe52ed9b1ff49b2a52ef
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23631201ef9b407520d4ccefc739d16cbd0ac645c6031a21fe5425140d9e3c19
23800168696b24b4338abfc4a31c048f3c0590957f80ece95bfebb30e2be356b
26347690a42de76f183305c56c8d2544d67a6a70defc5a86164953528e306fb4
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
27deb63dcc7462526432b4dee7496ced94b55b1e0eb94b2aefdd5bce27afd001
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9
28beb1fbae86e5636a884a2942db76ae98c5f519e07ff7601d22345afc6098a7
28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29265ec9b5eb66be0156f5c71b9784fee2cd3103ccd4091d1a502ffc5e522c10
2b41c56f8dff39325db5d521da59d5c4c08027ca772060b0975de7f95d83466a
2b74f77780559a9a8a9d8b1f2b1ae61a052c788a608d045a74b985ebc69e4f78
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
32605c7678ec901efa985ca5b97431865489b8655bb35bddda2eb404d6bd6f7a
32c1a3c1cca84eba2f902fd78637ced03040028f31744657b5d1be030992b185
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3379efa4cea32ff3c9033dd2ab287a2ca00f42eb39beefb6c327b58e980ab5a5
33d0a4921bc88eea163222527f8d9baf4efe21f32200f52df483f498afff9703
34c7069272bf3822860a6046cdd19ea6ab491ca4f956a109f7ef71e3de7a012b
354cde304ce3d760f2a4ad018bd1c50842c26f8669b3dbfbbb589c980b9562e3
369f425efd4660e02947b9ce1faf29a9ffcfe79401ff33d3c2a1f145e418fff9
36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
371080d3fd974b70490aa1c16818b065ad34d04ef36217edf836e710bfb82dd0
3862144b6d9d6ca9ec6abcbccaac4b8c2c42339edd91c1be60b4066a8858c280
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3cc18ed147a0b0836766cab6baeb74d6ca5ef0f698bf246efa4e2c981111f813
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e312fe44084e2176996cce5ed30521f8406a8fd92f513aae8e519088f07f1e4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0aca0f595e51de1d50b84fc306946912673f4b1ad9d1c23c16d549373c9f52
3f67a74b5809be8d135ec070527c2f9eeb297c5519a45248ba2ddb648948115e
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969
428c87beaf264c0c882275b523456e71cc6804a22b21a81a4da3f140c678146a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4349ccdcc81db7821a3933da8c2875abc3cba6ca27ba64db9a406df132d8be60
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
45028a016d3feb51b3aef6a82b6e77c2cefbad208fd7c5b053514b15b92949ff
45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43
464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba
467c128d92a683e6c73a5ef060b0aab91e3f6820d118ade7ff1968c558adfc93
46e54d86c4c46b8e1a8627d2c578f9ec4a9610dce1e6bfbfc428f0cbaadf42d5
4716325022d4bf3d498ae370bec9845add20d0fe2b0ff3cc4e1202e7e8a7927e
48016cb19faa2b9168a3957ece98bbb918a03bde9721b8aa00c88fcba35fefc3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cae4cee758cced25c68bb6d0c4b1907b7a34034eafce848dba45e025f7cd3f
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e1ce2b3f4edd07a5d1ce47376c021c9f5b63764492050cd58dd5b30a04e3339
4fe2a16e2a0fbee25aadf13832c464ab7237cb93e7bbc671cd0eae5eb106f745
500c6d488fbd3de46f4b5abcc1ba216b7eb1844255339410b20be93eec14a7d2
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
517135790631ed31ba0bae4624dffc14ba3a9f449f09352feade20b57987e15d
52281193de29b6eb4bd1eb75469c08fbc3cd1ada69007740c6b144eb1ab03b61
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3
54c55d4ff2edf5b67910a64ede733ccfbd52765ffe6eb66fda9ea41d6fb7cb54
5556ef9382b21c0163871773beeaf8388c5c5b29a2c86ca2b82f566ba6ba3337
5593c1a7d556493f516d7ef888544dde628036c19ef620de2e051add6160aa96
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571d62c5d7f9299dab4e927be3735497746bff61d2acb5ea4ca1558d6cdd1513
574e37c4a8e0611fc0070eed9b8d53376825010e1bfc866403fe10caad767c6c
58c1655edec242ddc2a55d055b02bb32f38b9d1b5bf139d3c050443a05213533
58d7fee27e924a01b7fce18d3e7f9fe790eda5980569808041d635886d1d09ba
59f9e64914e5176726aa7685e8792f5e4f77706774790a0aedc236632cc6639e
5a1ae22c39c27651a6cffe117f500c7238fddb39db663449dd88f218b444c492
5a2eeb10e4e677f2d320bf572aeebfd530848eb6d15a4da4f84d389f9a4a8905
5a3508ab5eec7a88a0124ab70a0fdfac6bc89b18209f2219d4528606731e2c36
5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7
5ab452e931380e8a82732820d89b17050049c08a6150674fd0db1866d029aa3b
5b7bef722c0c3519daed4fe5e8df94aec8afab3aebac12e7f5ac90b1e1da6d8b
5bf35e64beb98bace6b719cf94f4ce57e4aea164d5404304b271aef763c9f66f
5cac1851aa3e0a3f74d7d0b17d8b9153658a91e230fc50d850bb2db9d250b70c
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059
5e9cf3eda820f1c00b4e557ca67d37caa4ccb68fc6aef181480bb1f268d8f078
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
664ce4c687ca727ce1264ae7cea7e535d4c90830e554ad899ac76d013630bc9a
66cb0f00518d0b6623c75fdd6493c8e9af42fcff888064ca70c1b2172cb782b4
678624abb427bb215496c33b2121eb93dcdf2d1eea2d584bdb7d1fc089dc9846
67a183b58df3547aef85d7501af34d829764f4d025afcc2d0782f4866338f893
69cb5c541d37c353b822d86de1d8f554c970ad5b8f69d14ffde034f46f60a79e
6adee1eb7f9c1d8f269073423a59b4164fa0cb078a41206ba6a8b7dd6c3e4083
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6e0ddff0a3d725c4477735ebba178a84488ef215497fd97e71db72666d32a1a4
6f741451f5fea978cd0bfd74da71a35b4fc07656ef865f2ba7528c401fc1c4a1
7065179cdb7cbe93c5df291477e7d7fe36ce43398baec6f038b412f116284166
713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017
717939a5c700fec06451fa275f1917ebc3a1e6fec5dc230f230733b6dc914002
72c24d7d5607ba05f79991c4b2da9e2f46e89cef8ab2f5bc868d64e3f0edefbb
73aadd2c014d9748e4ef42aad4b2ad4c89b249d56dda7a6e2a8fc3ccf2b932f8
75241ddae521a3bd41ad09f6f99c04e66506dc07719accf7ee757c490ef05ceb
765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d
767a60eb904b1044c6b0335a679a2dde85fbcef06edff281f6c305fa5c2e9c92
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77d2ac6d57403bfe830a18d3e094e08a849d59e49a86b0f944a55e2ab6d9027a
7a26880b3804c4c3b8e59ccfc36accd73e898fed554c8922c341f8a360881f7b
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7a92f2970b0e71c6037d4f0442a902abd8c5ac02ac5c489889bfabbbf86cd5e3
7b97fdca40040900c32d349b9e5a352210e5d704dba6e6b8643c3b81d1cd9a4a
7c3f0d6cfe9f8fde34bf9653db1b256bd0601b91b14e6336dde2187396a16efe
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8119041b6eed98533746563b68f922573b69bb43dce6698d8e6f22de948cecae
81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7
820c17e01aa75f2deb6e56c83bf6896f793832b1eb359501b71d12f8e76a088f
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84995f17393daa7a6ca61d4f6e2a40b2ce465172550e835cad8a1151ab52e221
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86096aae66a81aadff9dce60a6e5ffa16f4c96f3d1ab1ce8d5e7283d90a588d7
863016606095ee80bec9802da48ef003599574c8b1472e9030f6792bad4f2fc2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
888f8d0fca69976da8e4be4a740234cbb131df093e28dc6f7102eefdf0a4ebd0
891522ce75d989b789bf28488295a58d5c0b41c58f2fea9b02529e824a2ad51f
89908dd50e4166f14578ab45a538ad9c489e241fc3b597b79e3f6a9e0094fa2a
8a315420550b792ed0451e0f09aa3947707368048f866861d9d0714884181e29
8bd079818c58acab6bd8925ca6ea880933994962e5cc83f7f7d4424e5d9d51fb
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1
8fb01a2b06bb3323069e79b097d4e749d933c382ec7a09c772d29d7737c78a46
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
90bd71e512a5de39a5e6692747523d000850a9bcd37887effabd90a4207c78ad
91cf687829fa39aeba7ac87bf11fa76834c5222471d373c2ebeba289746f05af
921329187f251f77c4eeaf04ff2f3189cff526837179ccad6b898304fe14e52e
92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae
93d5bd9fea8a05a0f4d9d8254adf3cd1f42da3ba212b2ecb5f2fe96049e0f2b8
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
96052ad58c7e617755b57da261f2496de4e32fbbf52314d7121234aad17c5086
9622e9cdcd817320b0580df15b6ce985203bd3f97571a70e7696705635ff5b9c
971d8ee376606f4f9dd0d735a0a11b75ce128354c6ac7aff4a82dfef3994dc0d
9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c
98235ed8e6306cd4bbeac0da15acc17c06aff7419fe7326fb3c65a2d189fd387
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9e9267b6030afb09f572ce5160275b53e404af9111ff6055584af8bd1df25d09
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f468258692175b37db01844071922ff0ac4673b2d14dd4a7b3e0c40cbce7de9
9f58f9f706d4adab425001292d9d0554fed85a3263dc4c1c667985c106c5a571
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fa4417f1562e8c56d08ef600beb52ab952d2543f451e50ff0db3ea574e8e56b
9fb5660fb6dedf46bdb86a0ac34a3e91cbbe26b62cdfea7b1fca538c87f9b2ad
9fef10f19ecd21e2bd95af1dd2dd525fc8f1fcbca16328dba520672d7f0f3ec3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4353df0d45673ae0685be75ad1345ad25b4786d92775932761d45bd21175e47
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a674a51f9a0636427ae8a6d2be46a5cfff001194f523324127a7383f7a734c34
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f39e75855511b066a9215d6284096aeb218a2aa22f5a1e030dd71285711845
aab6584820b446dc81010d7e1149b2975cac086cd1d70e7109eff5d2e1faaffc
aaed9e48c2425016dab5bf1d7220b2553620bbd1beb6f8f662e1606901518652
ab3dcc8556946caa9e63806ea53b330d70aa02aa8a8bc2b440445ab3c0b92822
aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152
ad27cb93a6babeed9d8b5715feba4207638428574d5e99cb5b1acbab1848f4b5
ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
b54873b73ddb118dc1b3bfffd47bc2b343f539d1178c1aa7f0e38dd07cae98af
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
b66f7f78425f0541849b31d7662a67254caaa1f222a27964ecc463c159e88e25
b834a65f594b203142edfbf3528c4f910d77d870f100d09437534dcbd6a2cf44
ba273b85e8fe0043c3dad252bf5f782e67e1f2b43c8339f6393e4020cb4b7123
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbcb0ab0de80017508e91dbb9f5aac07fff7cfdd08107431745ca4c1300a3b4f
bcfae0aa1f158579bb7c0f9e19808b74de85d08d45740d4b86045db211638cb6
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c045429faf617c8c168fe721326775594c3af1496f7d4f77444bf2d0947aa5d2
c08cce165711c7d45255dee5fa18185b0ac36b0a19ba14629f9e67c192a2fe3a
c0d9156b1841ba8c36c6255ac80803a54892eea8ca52cdb6615c0bdb196dc515
c1a4f2634149168f111a0e7e8d74a7732dd0e436bbe1dee2726f5b2b9fb4d3aa
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23035f4163745c173b0f1c85fd5ce78f08689e7fd42ece1bbed1ccb86bd2840
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c
c2c248c7102519c55137544468a0e4df2022422b3b948bd95da3c1455c0fc069
c4920c3b6a6cc7d1265841abc5c516f1dd4fd438ac3ab828edf0d99ca0c9595f
c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710
c4d44dd53ce68ab321ca0e4000525b444b0858ac480a5beb94c924e51db70d7a
c541888c9497913d5428327a0bc0886290a263284bb7e11d1bcee7733be15304
c87963accb73e5120d660a190955c90ce3527bc2d2441fa43a6c389c762352e0
c99bdc0edf23bac64c441cf9c86bcd7380bd7a705638543df05810192edc0532
c9d8c7dcab8308ee345a4cfbe7d52daa42865bf345de17bdb8e89b6450cbaddb
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca2e313c4d7f075f05e0175473fd193d50b280a0e45677d9e431782a6588a8f5
ca409d75ded1c89f276bcb1e513af3131a8eb01e268168a67b5434aa063e9be1
ca6329d951be61f37f8e1267de5845600a9640d9a354e018caa32222408e6333
cbc21ac33c00667f079d49fd2b87cef97ed584fed9b4bea22318b2eab7fa7262
cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8
cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958
ce71ac1632c662d73bcd4da3aad1c325078efa0d5a98314ecacae5e78d5a1ebb
cee55548ee7eb850dbfb13e65858523541e97be7716626ffb7099dc0396da8a2
cf24c9c6a6c6047b30f25465fce39a284911ad73329b8dee04d158835492287e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03
d2649c7ba0cb7b8ac5cc0a9901a49f2c397ff340118081316840470e3dca2473
d2df1687c2ec8554f2d8f45def0ab3c52bc4824449df0bf56139c6db7c06693a
d2ed14cfff7884e5cd6eaf7ff8efb59a57ffba7a368c7e8cd80f5f4900bdb547
d30d5a15f01d0bf1d2eceda161aad30112be19ba8e5fbd1f1b65b15e32542b47
d33e6b08c023d3e96fd75681ac6aee901ac91655fc22da459652aa356c520697
d4891d43c15c3b6428efecfed2b3cacbd3338ced8ecf4453ceeefe57bde19aa8
d569b3809a5bb3ea042e90e5e15403ee2208fcf17063f83009610ede46f6396e
d68886e9024a07c1984e876c26fd176de5dcdfe9ccbac1e0fa3385ca4ca11e20
d754119bbec82eb1b4a74b38d4e73071fdbaddbaa887121839b92f7d3d636b2f
dcd676352f731e5fc1d14f8ee2c091354675810753700e6cea1af0230ac64671
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36247ffcdf67ad1e14963ea8997045885a594337635c59d8b78428893e8a3e
e147d896ebd3583cddf601abd3e48546c343a06cffb3c3eaff9de4ee57db63d2
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e29a30628c9f36c7e06fa43f2ff9892a248ab7dcb6826462750cf1d7358896a4
e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e485f11c9478a02e4d579c47898551d375a6168a65e221c7e9e9a4e410567708
e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2
e5c10308ff09f026f2830b6351ed62a8b570f63827c047ce4c4fd653eb71a2cd
e64d8979656e216009c168a426b22befe8806f6f55aa4d30684ccd65481b2120
e721b35cc1f942727c6fe481e1b2f9f91e92702e79230117867f2f6cd913146a
e9ac3e87bdff88d94626a954481013ca9763cfa11efb185983c65bee308d724d
eaba73924c0d1fb12b12dcd3fe557b44c812b2891d1692897ccc7737079b9d98
eae8c5cf154893d34373d16452537ce0752e37cd9a53e226d0822eac51c28493
eb3b752af7a41e373b61f985ed90f65cd0d4f1e1a33ffdae065c503a25a33812
ed2a70f17b40efa67dccbd4e611eee0de040e99153751f629c220891e3f996e6
ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc
edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db
ee29c60365e2157a9bdc77ec6e31f5311bb8c58459ac96e91f960c02f9c7260e
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eed37f6146ce8b310c73a7eae6e7af77e1644351dbac3930f14fd2efc7c33206
eedd967d3aaf90dfad648d15cc0da59d97ebe8c3e14dc6682597958294decbda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01892dc1842a40a7451343fe3b46c61a74e661dfb6404ceac6d7453bd8116ac
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f4ad6b3599b2f70f860112ba3748ae3c38549d456dde02682d90910f5aadcbf8
f5ff7b1a96a0963d7b754722c07b01f20e15ac89b84bdc7cd7d30a1a700f071c
f638e7694528d6f72992e5458d55b45b14b30a0279624a1211f3d01bd135d8c1
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f9c5b9291f841c6a29a081811e64e594aba773a8eccbbaa898f9b10a435c0454
f9e2f32ad9bd3d360b1804c9dd8c9e3e240bac97dd252524e14362ae7e3be62f
fad4494b6752b2c24e0d25b2234ffe7901e317c425e5e50ab6e90002292e2518
faf26da8f02338afdb69220c7abfe43a28d02680cdca0d7c50a7d08d4a309572
fcf5955999aa707293828168c27771dc76be3cc65d2222100ad5aeaddb803f89
fd5757d8048bc223b97d83307e460f862d4d9257e8150bd5241068e42e34cd38
fd65871333f32a3f54174f62fb06282f9dcad18926ad1aaf575f8962f17bc7d8
ff2cda00f0d0aaf3deda0006dd21fc45b6a64533d501d8aa30f288d1d7c72eea
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

vnexpress.net Open in urlscan Pro 111.65.250.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

541 Requests

91 %HTTPS

32 %IPv6

56 Domains

127 Subdomains

101 IPs

11 Countries

10830 kBTransfer

24056 kBSize

98 Cookies

44 Outgoing links

Page URL History

Redirected requests

541 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vnexpress.net Open in urlscan Pro
111.65.250.2 Public Scan

Screenshot
Live screenshot

Full Image

541
Requests

91 %
HTTPS

32 %
IPv6

56
Domains

127
Subdomains

101
IPs

11
Countries

10830 kB
Transfer

24056 kB
Size

98
Cookies

541 HTTP transactions
8 data transactions