2sao.vn Open in urlscan Pro
103.21.150.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.2sao.vn/
Effective URL:
https://2sao.vn/
Submission: On March 16 via api (March 16th 2021, 5:28:25 pm UTC) from US

Summary HTTP 277 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 59 IPs in 12 countries across 57 domains to perform 277 HTTP transactions. The main IP is 103.21.150.172, located in Viet Nam and belongs to CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN. The main domain is 2sao.vn.
TLS certificate: Issued by RapidSSL RSA CA 2018 on April 14th 2020. Valid for: 2 years.

This is the only time 2sao.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	103.21.150.172 103.21.150.172	38732 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
27	103.21.150.164 103.21.150.164	38732 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	203.162.168.165 203.162.168.165	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
11	103.21.150.163 103.21.150.163	38732 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
1	210.211.113.38 210.211.113.38	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
10	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	183.91.14.6 183.91.14.6	45903 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:20:... 2606:4700:20::681a:3cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	183.91.11.69 183.91.11.69	45903 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
20	103.21.150.167 103.21.150.167	38732 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
2	123.30.139.97 123.30.139.97	7643 (VNPT-AS-V...) (VNPT-AS-VN Vietnam Posts and Telecommunications (VNPT))
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	54.255.154.87 54.255.154.87	16509 (AMAZON-02) (AMAZON-02)
8 9	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:612... 2600:1f18:612b:4200:28fe:9b27:fbc6:f054	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
7	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
2	123.30.168.3 123.30.168.3	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
4	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	54.72.52.19 54.72.52.19	16509 (AMAZON-02) (AMAZON-02)
8	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
6 6	52.58.45.227 52.58.45.227	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	139.162.84.221 139.162.84.221	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	18.138.18.111 18.138.18.111	16509 (AMAZON-02) (AMAZON-02)
1 2	34.245.253.34 34.245.253.34	16509 (AMAZON-02) (AMAZON-02)
1 1	52.30.234.204 52.30.234.204	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:4036	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	213.155.156.183 213.155.156.183	1299 (TELIANET ...) (TELIANET Telia Carrier)
14	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
4 4	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
2	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
3	123.30.175.112 123.30.175.112	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	123.30.175.51 123.30.175.51	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
4 4	54.194.129.87 54.194.129.87	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
2 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	54.36.172.109 54.36.172.109	16276 (OVH) (OVH)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	123.30.175.43 123.30.175.43	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
277	59

40 103.21.150.172 (Viet Nam) 1 redirects

ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)

www.2sao.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2sao.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tintuconline.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 103.21.150.164 (Viet Nam)

ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)

2sao.vietnamnetjsc.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.vietnamnetad.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.162.168.165 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

id.vietnamnet.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 103.21.150.163 (Viet Nam)

ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)

embed.vietnamnettv.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ttol.vietnamnetjsc.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.211.113.38 (Ho Chi Minh City, Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

vnn-res.vgcloud.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.91.14.6 (Hanoi, Viet Nam)

ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)

tracking.vietnamnetad.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:3cd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.radiantmediatechs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 183.91.11.69 (Hanoi, Viet Nam)

ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)

v-cdn.vietnamnetjsc.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 103.21.150.167 (Viet Nam)

ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)

vads.net.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.vads.net.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 123.30.139.97 (Viet Nam)

ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications (VNPT), VN)

pub.lavanetwork.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
delivery.lavanetwork.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

gamma.cachefly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.255.154.87 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

tag.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:28fe:9b27:fbc6:f054 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 123.30.168.3 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

cdn2.cache.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qc-static.coccoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.201.58 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.72.52.19 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-52-19.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.220.229.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

cm.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.58.45.227 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.226 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.84.221 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.138.18.111 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

cm.ambientdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.gammadsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.245.253.34 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-253-34.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.234.204 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:4036 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.183 (Sweden) 4 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.96.126 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 123.30.175.112 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

ssp.qc.coccoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.175.51 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

qccoccocmedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.129.87 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.41 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.172.109 (France) 1 redirects

ASN16276 (OVH, FR)

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.175.43 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

display.qc.coccoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	vietnamnetjsc.vn 2sao.vietnamnetjsc.vn ttol.vietnamnetjsc.vn v-cdn.vietnamnetjsc.vn	12 MB
38	2sao.vn 1 redirects www.2sao.vn 2sao.vn	275 KB
26	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	84 KB
23	doubleclick.net 8 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	35 KB
20	vads.net.vn vads.net.vn log.vads.net.vn	17 KB
20	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	318 KB
10	gammaplatform.com tag.gammaplatform.com cm.gammaplatform.com d.gammaplatform.com	5 KB
10	gstatic.com fonts.gstatic.com	136 KB
9	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	74 KB
8	vietnamnettv.vn embed.vietnamnettv.vn	372 KB
7	facebook.net connect.facebook.net	283 KB
6	bidswitch.net 6 redirects x.bidswitch.net	3 KB
6	google.com adservice.google.com www.google.com	1 KB
6	google.de adservice.google.de www.google.de	2 KB
5	coccoc.com ssp.qc.coccoc.com display.qc.coccoc.com qc-static.coccoc.com	34 KB
5	adsrvr.org 5 redirects match.adsrvr.org	2 KB
5	facebook.com www.facebook.com	592 B
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	fiftyt.com 4 redirects visitor.fiftyt.com	2 KB
4	semasio.net 2 redirects uipglob.semasio.net	2 KB
4	de17a.com 4 redirects d5p.de17a.com	1 KB
4	glotgrx.com pre.glotgrx.com	1 KB
4	yabidos.com pixel.yabidos.com	50 KB
4	vietnamnetad.vn tracking.vietnamnetad.vn img.vietnamnetad.vn	72 KB
4	vietnamnet.vn id.vietnamnet.vn	6 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	305 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	crwdcntrl.net 2 redirects bcp.crwdcntrl.net ad.crwdcntrl.net	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	googletagmanager.com www.googletagmanager.com	128 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	724 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	adform.net 2 redirects c1.adform.net	824 B
2	simpli.fi um.simpli.fi	1 KB
2	zeotap.com mwzeom.zeotap.com	982 B
2	criteo.com dis.criteo.com	651 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	cachefly.net gamma.cachefly.net	6 KB
2	googletagservices.com www.googletagservices.com	62 KB
2	lavanetwork.net pub.lavanetwork.net delivery.lavanetwork.net	2 KB
2	2mdn.net s0.2mdn.net	37 KB
2	tintuconline.com.vn tintuconline.com.vn	13 KB
1	quantserve.com 1 redirects pixel.quantserve.com	541 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu	516 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	contextweb.com 1 redirects bh.contextweb.com	496 B
1	qccoccocmedia.vn qccoccocmedia.vn	5 KB
1	gammadsp.com 1 redirects cm.gammadsp.com	443 B
1	ambientdsp.com 1 redirects cm.ambientdsp.com	448 B
1	appier.net 1 redirects gocm.c.appier.net	350 B
1	cache.vn cdn2.cache.vn	12 KB
1	tremorhub.com partners.tremorhub.com	183 B
1	googleadservices.com partner.googleadservices.com	637 B
1	radiantmediatechs.com cdn.radiantmediatechs.com	4 KB
1	jquery.com code.jquery.com	33 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	vgcloud.vn vnn-res.vgcloud.vn	1 KB
277	57

	Domain	Requested by
37	2sao.vn	2sao.vn
24	2sao.vietnamnetjsc.vn	2sao.vn
14	pagead2.googlesyndication.com	srcdoc 2sao.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	vads.net.vn	2sao.vn
11	v-cdn.vietnamnetjsc.vn	embed.vietnamnettv.vn
10	fonts.gstatic.com	fonts.googleapis.com
9	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
8	embed.vietnamnettv.vn	2sao.vn embed.vietnamnettv.vn
7	cm.gammaplatform.com	2sao.vn ads.pubmatic.com
7	ads.pubmatic.com	2sao.vn ads.pubmatic.com
7	log.vads.net.vn	2sao.vn
7	connect.facebook.net	2sao.vn connect.facebook.net id.vietnamnet.vn
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com embed.vietnamnettv.vn 2sao.vn
6	simage2.pubmatic.com	ads.pubmatic.com
6	x.bidswitch.net	6 redirects
6	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	match.adsrvr.org	5 redirects
5	adservice.google.com	pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com
5	www.facebook.com	2sao.vn connect.facebook.net
4	match.prod.bidr.io	4 redirects
4	visitor.fiftyt.com	4 redirects
4	uipglob.semasio.net	2 redirects ads.pubmatic.com
4	d5p.de17a.com	4 redirects
4	pre.glotgrx.com	2sao.vn
4	pixel.yabidos.com	2sao.vn pixel.yabidos.com
4	id.vietnamnet.vn	2sao.vn id.vietnamnet.vn
3	ssp.qc.coccoc.com	cdn2.cache.vn qccoccocmedia.vn
3	img.vietnamnetad.vn	2sao.vn
3	ttol.vietnamnetjsc.vn	tintuconline.com.vn
3	stats.g.doubleclick.net	2sao.vn www.google-analytics.com
3	sb.scorecardresearch.com	1 redirects 2sao.vn
3	www.googletagmanager.com	2sao.vn www.googletagmanager.com embed.vietnamnettv.vn
2	sync-tm.everesttech.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ib.adnxs.com	2 redirects
2	c1.adform.net	2 redirects
2	um.simpli.fi	ads.pubmatic.com image6.pubmatic.com
2	aud.pubmatic.com	ads.pubmatic.com
2	mwzeom.zeotap.com	ads.pubmatic.com
2	dis.criteo.com	image6.pubmatic.com
2	image6.pubmatic.com	ads.pubmatic.com
2	bcp.crwdcntrl.net	1 redirects 2sao.vn
2	sync.mathtag.com	2 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	tag.gammaplatform.com	2sao.vn
2	gamma.cachefly.net	2sao.vn
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	s0.2mdn.net	imasdk.googleapis.com googleads.g.doubleclick.net
2	imasdk.googleapis.com	embed.vietnamnettv.vn imasdk.googleapis.com
2	tintuconline.com.vn	2sao.vn tintuconline.com.vn
2	ssl.google-analytics.com	1 redirects 2sao.vn
2	fonts.googleapis.com	2sao.vn tintuconline.com.vn
1	www.google.de
1	www.google.com
1	qc-static.coccoc.com	qccoccocmedia.vn
1	display.qc.coccoc.com	qccoccocmedia.vn
1	pixel.quantserve.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	image6.pubmatic.com
1	bh.contextweb.com	1 redirects
1	qccoccocmedia.vn	cdn2.cache.vn
1	d.gammaplatform.com	2sao.vn
1	ad.crwdcntrl.net	1 redirects
1	cm.gammadsp.com	1 redirects
1	cm.ambientdsp.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	cdn2.cache.vn	2sao.vn
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	delivery.lavanetwork.net	2sao.vn
1	pub.lavanetwork.net	2sao.vn
1	cdn.radiantmediatechs.com	embed.vietnamnettv.vn
1	code.jquery.com	id.vietnamnet.vn
1	tracking.vietnamnetad.vn	2sao.vn
1	cdnjs.cloudflare.com	2sao.vn
1	vnn-res.vgcloud.vn	2sao.vn
1	www.2sao.vn	1 redirects
277	82

This site contains links to these domains. Also see Links.

Domain
id.vietnamnet.vn
vads.vn
vietnamnet.vn

Subject Issuer	Validity	Valid
*.2sao.vn RapidSSL RSA CA 2018	`2020-04-14` - `2022-04-14`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.vietnamnetjsc.vn RapidSSL RSA CA 2018	`2020-04-14` - `2022-04-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.vietnamnet.vn DigiCert TLS RSA SHA256 2020 CA1	`2020-11-24` - `2021-12-24`	a year	crt.sh
*.vietnamnettv.vn RapidSSL RSA CA 2018	`2020-04-14` - `2022-04-14`	2 years	crt.sh
*.tintuconline.com.vn RapidSSL RSA CA 2018	`2020-04-14` - `2022-04-14`	2 years	crt.sh
*.vgcloud.vn DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-17`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.vietnamnetad.vn RapidSSL RSA CA 2018	`2020-04-14` - `2022-04-14`	2 years	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
radiantmediatechs.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.vads.net.vn RapidSSL RSA CA 2018	`2020-04-14` - `2022-04-14`	2 years	crt.sh
pub.lavanetwork.net Sectigo RSA Domain Validation Secure Server CA	`2020-11-20` - `2021-12-21`	a year	crt.sh
delivery.lavanetwork.net Sectigo RSA Domain Validation Secure Server CA	`2020-11-20` - `2021-12-21`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-10-09` - `2021-10-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gammaplatform.com Go Daddy Secure Certificate Authority - G2	`2020-09-22` - `2021-10-24`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
cdn2.cache.vn AlphaSSL CA - SHA256 - G2	`2019-08-15` - `2021-08-15`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2020-12-14` - `2022-01-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.qc.coccoc.com AlphaSSL CA - SHA256 - G2	`2019-07-17` - `2021-07-17`	2 years	crt.sh
qccoccocmedia.vn AlphaSSL CA - SHA256 - G2	`2019-07-19` - `2021-07-19`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
qc-static.coccoc.com AlphaSSL CA - SHA256 - G2	`2020-02-17` - `2022-03-27`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://2sao.vn/
Frame ID: 35273143EDADF7FAEA20467DF3A19593
Requests: 164 HTTP requests in this frame

Frame: https://id.vietnamnet.vn/PopupFBLogin2019.aspx
Frame ID: 8A920EB1853F35F304F415A852D471DE
Requests: 6 HTTP requests in this frame

Frame: https://embed.vietnamnettv.vn/v/216731.html
Frame ID: 958F67D9A9C1B3DD1EFF51DFD3112FE9
Requests: 27 HTTP requests in this frame

Frame: https://tintuconline.com.vn/Common/TtolTo2SaoV3
Frame ID: D6AE331B7D5EB76A097E4025E915179B
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: FDB002BC970422B985FE6DAB3301A011
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 16E35F563CFFA456D610C533B573D047
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210310/r20190131/zrt_lookup.html
Frame ID: B5FF401DC433A58820AF176F77092C17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=1337934782&adk=180678796&adf=226184560&pi=t.ma~as.1337934782&w=300&lmt=1615915679&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915678943&bpp=11&bdt=9292&idt=99&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1338956514774&frm=20&pv=2&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0nBK2DYLmd&p=https%3A//2sao.vn&dtd=122
Frame ID: FE9DE4D28DF71A711855F8ECB584546B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&adk=1812271804&adf=3025194257&lmt=1615915679&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F2sao.vn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615915678955&bpp=3&bdt=9304&idt=118&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=140
Frame ID: 8B80C8F99A9A709CFB7C46DD64BC1AE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCevu-5AhiBxoWeATAB&v=APEucNUFnEvWW3Oeky542qmh5RuqR5kyVwE6pyPS23dxKYsR1gl9Zw55lORpbywtIRQdZl93olYyDZZVilutvqlCRb886s1vZ6qogUznj53C7EmQvc3MJ7C67OfPKosCvhNMzzNYP9NP
Frame ID: 6743F999A0D3EFE9527187EF25821954
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 57A10541FE275FF28636E4037DC3C071
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Frame ID: 5E191849A93C75C73AB68CD38CD29489
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Frame ID: 91CC51701E6FCA344E23DB31C487292E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EB3B7D01E4A06DD8DEA14A81A68B33A0
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1F4126BC942BE5A0A2EACC705183A180
Requests: 19 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4613369655499756709
Frame ID: 1FBA5EA54D267E98AD97FE3F418EC3A5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 88F3837BB715EAC3FC6C72E88829B2B4
Requests: 1 HTTP requests in this frame

Frame: https://cm.gammaplatform.com/adx/recv?pid=53&uid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1
Frame ID: 27B57CD20F502AC63351683850785F91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=8721996733&adk=1851583187&adf=2616621394&pi=t.ma~as.8721996733&w=300&lmt=1615915681&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915681582&bpp=1&bdt=11931&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ecdfb6b0957aaf0-22d41ca01ba7009a%3AT%3D1615915679%3ART%3D1615915679%3AS%3DALNI_ManTQtUZJ9knTLnGiz55QBJ3N0CmQ&prev_fmts=300x250%2C0x0&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ck8vI0ubXV&p=https%3A//2sao.vn&dtd=17
Frame ID: 5020F94EF7E774E9601701B90E30E8D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=4800361039&adk=3710405617&adf=3872338552&pi=t.ma~as.4800361039&w=300&lmt=1615915682&psa=0&format=300x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915682274&bpp=2&bdt=12623&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ecdfb6b0957aaf0-22d41ca01ba7009a%3AT%3D1615915679%3ART%3D1615915679%3AS%3DALNI_ManTQtUZJ9knTLnGiz55QBJ3N0CmQ&prev_fmts=300x250%2C0x0%2C300x250&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=EYi7mq6NLP&p=https%3A//2sao.vn&dtd=11
Frame ID: 03DCD8D93C7A12B28D1AE778938BE575
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=5934506399&adk=2003467330&adf=4011520158&pi=t.ma~as.5934506399&w=300&lmt=1615915682&psa=0&format=300x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915682689&bpp=2&bdt=13038&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C300x250%2C300x600&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=OS59eTXJWU&p=https%3A//2sao.vn&dtd=13
Frame ID: 14BCCA80A03EA1B6CC84C801C4DD4CDB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=2001146221&adk=3130887505&adf=3243823506&pi=t.ma~as.2001146221&w=160&lmt=1615915683&psa=0&format=160x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915683524&bpp=2&bdt=13873&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C300x250%2C300x600%2C300x600&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=130&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8q2mna7mAS&p=https%3A//2sao.vn&dtd=8
Frame ID: 069E05F1A10F1EE86DBB23AA400CDBDA
Requests: 1 HTTP requests in this frame

Frame: https://qccoccocmedia.vn/get_adm?id=b2631d14-b3cf-4160-aa81-3571e15cacde&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Frame ID: 2C8DCA33B9AC3EAB94DC1F57A5E606D1
Requests: 6 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5522865221308078194
Frame ID: 166394F70ECFB79C31049210A5853767
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8EDBAF582B71A8E998D0074279AFB7C4
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJRTk7AodUAABBHW4pAZw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 96D2A6BF338A749051F3CFF504377ED5
Requests: 1 HTTP requests in this frame

Frame: https://cm.gammaplatform.com/adx/recv?pid=35&uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C
Frame ID: D120C2B1C13F47CC67BAC98D624BE7C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 13D3A61514343DE9E9D27010640B9601
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.2sao.vn/ HTTP 301
https://2sao.vn/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

277
Requests

99 %
HTTPS

38 %
IPv6

57
Domains

82
Subdomains

59
IPs

12
Countries

15108 kB
Transfer

18967 kB
Size

3
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://id.vietnamnet.vn/Home.html
Title: Trang cá nhân

Search URL Search Domain Scan URL

URL: https://id.vietnamnet.vn/PopupResendActiveCode2019.aspx
Title: Gửi lại mã xác nhận

Search URL Search Domain Scan URL

URL: https://id.vietnamnet.vn/PopupRecoveryPassword2019.aspx
Title: Quên mật khẩu?

Search URL Search Domain Scan URL

URL: https://id.vietnamnet.vn/PopupRegister2019.aspx
Title: Đăng kí

Search URL Search Domain Scan URL

URL: https://vads.vn/

Search URL Search Domain Scan URL

URL: https://vietnamnet.vn/vn/the-thao/
Title: thể thao

Search URL Search Domain Scan URL

URL: https://vietnamnet.vn/vn/the-thao/bong-da-quoc-te/
Title: tin bóng đá

Search URL Search Domain Scan URL

URL: http://vads.vn/
Title: Liên hệ quảng cáo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.2sao.vn/ HTTP 301
https://2sao.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=655328312&utmhn=2sao.vn&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&utmhid=1513476994&utmr=-&utmp=%2F&utmht=1615915670788&utmac=UA-88634367-1&utmcc=__utma%3D40217057.1053352621.1615915671.1615915671.1615915671.1%3B%2B__utmz%3D40217057.1615915671.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1724512769&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88634367-1&cid=1053352621.1615915671&jid=1724512769&_v=5.7.2&z=655328312

Request Chain 71

https://sb.scorecardresearch.com/b?c1=2&c2=28756805&ns__t=1615915670798&ns_c=UTF-8&cv=3.5&c8=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&c7=https%3A%2F%2F2sao.vn%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=28756805&ns__t=1615915670798&ns_c=UTF-8&cv=3.5&c8=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&c7=https%3A%2F%2F2sao.vn%2F&c9=&cs_ak_ss=1

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_sc&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEFvmri6pR0j8KFMbaEAc0z0&google_cver=1

Request Chain 179

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ambient-digital&ttd_tpi=1 HTTP 302
https://cm.gammaplatform.com/adx/recv?pid=5&uid=5ecb7fda-ddc5-427b-92a8-ab6dae7d0bdc

Request Chain 180

https://x.bidswitch.net/sync?ssp=ambient HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=ambient HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dambient%26bsw_param%3Db87bf0be-8c16-43be-928c-bc9cb9eabc4d HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=66e16050-eaa1-4700-ba8c-5e56cbef3b9b&expires=30&ssp=ambient&bsw_param=b87bf0be-8c16-43be-928c-bc9cb9eabc4d HTTP 302
https://cm.gammaplatform.com/adx/recv?pid=7&uid=b87bf0be-8c16-43be-928c-bc9cb9eabc4d

Request Chain 181

https://gocm.c.appier.net/ambient HTTP 302
https://cm.gammaplatform.com/adx/recv?pid=10&uid=HCQwC4U7AXKsXIlCoepQYA

Request Chain 182

https://cm.ambientdsp.com/cm/send?vc=gaj HTTP 301
https://cm.gammaplatform.com/adx/recv?pid=31&uid=qa5wudkfdts

Request Chain 183

https://cm.gammadsp.com/cm/send?vc=gdj HTTP 301
https://cm.gammaplatform.com/adx/recv?pid=50&uid=qa5wudt5obj

Request Chain 184

https://bcp.crwdcntrl.net/5/c=13633/tp=GMMA/tpid=pznyu21y0ffy HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=pznyu21y0ffy

Request Chain 185

https://ad.crwdcntrl.net/5/c=13633/pe=y?https%3A%2F%2Fd.gammaplatform.com%2Fltm%2Fsync%3Fsegs%3D%24%7Baud_ids%7D HTTP 302
https://d.gammaplatform.com/ltm/sync?segs=

Request Chain 192

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4613369655499756709

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=naKxr4MfTq6B8w9_ypuN4Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 197

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 198

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&addseg=17

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OURBMkIxQUYtODMxRi00RUFFLTgxRjMtMEY3RkNBOUI4REUx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGUUn-Kj-dcrXkRYnnU03e4&google_cver=1

Request Chain 202

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5ecb7fda-ddc5-427b-92a8-ab6dae7d0bdc

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF_36dqqtxEZRPuK9rYNHcg&google_cver=1

Request Chain 241

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5522865221308078194

Request Chain 242

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3f7d0ff0-f1a5-4982-ba89-ed50d8f7efa9

Request Chain 244

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKUlRrN0FvZFVBQUJCSFc0cEFadw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJRTk7AodUAABBHW4pAZw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJRTk7AodUAABBHW4pAZw&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJRTk7AodUAABBHW4pAZw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rj0cBMGJQciOnpdbQT9fPA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 248

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 249

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&addseg=17

Request Chain 250

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUUzRDFDMDQtQzE4OS00MUM4LThFOUUtOTc1QjQxM0Y1RjND&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 251

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4082974739836487256

Request Chain 252

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:847d6050-eaa4-4700-b611-a9623f3153c3&gdpr=0&gdpr_consent=

Request Chain 253

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2452115999356747516&gdpr=0&gdpr_consent=

Request Chain 255

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AFRdwdxE2uUhtwtWNyRLmuv17LpCOJ0-~A&gdpr=0&gdpr_consent=

Request Chain 256

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=880a6018-d5c0-429d-9927-8715c08936b2&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 257

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fuKEzC2z0Mhl6oKfLuucyi7hgphl59LPLuSYtKGM

Request Chain 258

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFDqpAAAAKYISizr HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFDqpAAAAKYISizr&gdpr=0&gdpr_consent=&_test=YFDqpAAAAKYISizr

277 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
2sao.vn/
Redirect Chain

https://www.2sao.vn/
https://2sao.vn/

287 KB
58 KB

832ms
605ms

Document
text/html

103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

227b230a482ca6ec40fdaf411a41cf5dc03d79a051e13621c12ccca7de0c79d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 2sao.vn
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 16 Mar 2021 17:27:49 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding
cache-control: private
backend: 93
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Tue, 16 Mar 2021 17:27:48 GMT
content-type: text/html
content-length: 162
location: https://2sao.vn/
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 16 KB
999 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4fb738653746b2f5402ce74057c6ec2dbe4ec4040ae2bb8a0c8a8e71e950742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 16:25:32 GMT
server: ESF
date: Tue, 16 Mar 2021 17:27:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 17:27:49 GMT

GET
H2 200 jquery.min.js Show response
2sao.vn/Content/v2/lib/jquery/ 95 KB
39 KB 462ms
461ms Script
application/x-javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/v2/lib/jquery/jquery.min.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:20 GMT
server: nginx
etag: W/"36832d67dcf8d41:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:49 GMT

GET
H2 200 lozad.min.js Show response
2sao.vn/Scripts/ 3 KB
3 KB 238ms
236ms Script
application/x-javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Scripts/lozad.min.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

86cb70843986570663230b7a4a54c6eac4014445ab5930635538a4fc92e56f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Feb 2020 02:58:33 GMT
server: nginx
etag: "e45f14dbeead51:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
backend: 238
accept-ranges: bytes
content-length: 2721
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:49 GMT

GET
H2 200 jquery.writeCapture.js Show response
2sao.vn/Scripts/ 32 KB
11 KB 240ms
238ms Script
application/javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Scripts/jquery.writeCapture.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

cb570226152be5b80fa388b8c10afb484e0d97256222cd1df8bd696a6ee7c86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2017 08:37:34 GMT
server: nginx
etag: W/"f0302b111e97d21:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
backend: 237
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:49 GMT

GET
H2 200 main.css
2sao.vn/Content/VnnId/css/ 15 KB
5 KB 251ms
249ms Stylesheet
text/css 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/VnnId/css/main.css

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

3711af5e2fd53d44c034dcb5927ea2c8bb11746a99b3bd77b5432e4497c2566c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 01 Feb 2020 13:18:48 GMT
server: nginx
etag: W/"5b9596232d9d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
backend: 236
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:49 GMT

GET
H2 200 ajaxq.js Show response
2sao.vn/Content/VnnId/js/ 652 B
926 B 465ms
464ms Script
application/javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/VnnId/js/ajaxq.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

02a1e213d6f55a07c6205440187c783586864ef3c382a473f8ffffcabcc33699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Jan 2020 02:53:23 GMT
server: nginx
etag: "cb2f30f25d0d51:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
backend: 235
accept-ranges: bytes
content-length: 652
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 lib-login.js Show response
2sao.vn/Content/VnnId/js/ 75 KB
24 KB 247ms
246ms Script
application/x-javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/VnnId/js/lib-login.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

00e947b3038eb4f6bf9d76bc4a1c326b20894068cdd791f1567ea618f59a16bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Jan 2020 02:53:23 GMT
server: nginx
etag: W/"808e38f25d0d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
backend: 93
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:49 GMT

GET
H2 200 main.js Show response
2sao.vn/Content/VnnId/js/ 7 KB
7 KB 239ms
238ms Script
application/x-javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/VnnId/js/main.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

29a1e0309e7a84614e20257ff99e87b2643c6d5e2f16b6e308172127f7b682c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Jan 2020 02:53:23 GMT
server: nginx
etag: "f3b3af25d0d51:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
backend: 7
accept-ranges: bytes
content-length: 6769
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:49 GMT

GET
H2 200 logo.svg
2sao.vn/Content/v2/img/ 2 KB
2 KB 260ms
256ms Image
image/svg+xml 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/logo.svg

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

6a8e0073d28c8399db8631f4ca4e7ea67f37954a95e99aaa65fcf1a6c36412b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2019 03:45:33 GMT
server: nginx
etag: "ed481c338a67d51:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
backend: 232
accept-ranges: bytes
content-length: 2064
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 2sao-home-icon.png
2sao.vn/Content/v2/img/ 3 KB
3 KB 247ms
244ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/2sao-home-icon.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

0f3fa2ec10e506b3213bbcd38f1cd8e98d390b594b85bfd6fad14c7a40d02f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Jun 2019 09:49:35 GMT
server: nginx
etag: "83907bcb962dd51:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 231
accept-ranges: bytes
content-length: 3040
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 phi-nhung-oki-01.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/16/00/ 44 KB
45 KB 1377ms
889ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/16/00/phi-nhung-oki-01.jpg?width=440
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 67037f994140b6f52011f6edf8d0e8ae16f31ec0b6d58e96f94d31c9395b0739

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Tue, 16 Mar 2021 09:37:07 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 45394
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 hang-tui-ok.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/16/37/ 12 KB
12 KB 1600ms
1112ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/16/37/hang-tui-ok.jpg?width=207
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 6db9bc8de1f89ac4d6200d240da1506e371c5b7baa11cae5e10d9bb0453812ef

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Tue, 16 Mar 2021 12:04:54 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 12569
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 hoangnn.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/16/58/ 15 KB
15 KB 1600ms
1112ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/16/58/hoangnn.jpg?width=207
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: dec0131704a97ea7d68dee50776670104b3d67e12cfe971247c070d82cbf36fd

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Tue, 16 Mar 2021 12:04:54 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 15179
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 tu-dua-oki-02.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/16/50/ 13 KB
13 KB 1600ms
1113ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/16/50/tu-dua-oki-02.jpg?width=207
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: f6f5146b6eef0550aaab33a3a1f453b7730fd34927b094a49ad6c0c5859b8a36

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Tue, 16 Mar 2021 12:47:12 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 13460
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 ca-si-do-hieu-ava.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/18/35/ 6 KB
6 KB 975ms
670ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/18/35/ca-si-do-hieu-ava.jpg?width=207
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4b2c3c8e5d84fbe1ded93c72dd5f5585f9d01bec1a71ab013ef4153d893ff29f

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Tue, 16 Mar 2021 11:36:51 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 6109
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 anhdd.gif
2sao.vietnamnetjsc.vn/images/2021/03/16/19/10/ 2 MB
2 MB 1416ms
1112ms Image
image/gif 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/19/10/anhdd.gif?width=207
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4d17e6969f44d5f14d60b369bafd497ec0ffea712db5594e4d224b90f6c2e1b6

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Tue, 16 Mar 2021 12:10:31 GMT
server: nginx
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 2261376
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 icon-video.svg
2sao.vn/Content/v2/img/icon/ 929 B
1 KB 260ms
256ms Image
image/svg+xml 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/icon-video.svg

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

1cd22c2039d706a652c64a1328b2a256f361c807a4cc4790e5de6d9dceb1d790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:18 GMT
server: nginx
etag: "5d4d565dcf8d41:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
backend: 235
accept-ranges: bytes
content-length: 929
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 hoa-vinh.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/17/35/ 12 KB
12 KB 758ms
454ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/17/35/hoa-vinh.jpg?width=207
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 7163b97c6955b2a61a4a7fdfee3095d11c86a60e90d4572a709af3ce742b1198

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Tue, 16 Mar 2021 12:07:58 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 11990
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 blank.png
2sao.vietnamnetjsc.vn/ 68 B
261 B 1416ms
1113ms Image
image/png 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/blank.png
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Fri, 28 Feb 2020 07:35:16 GMT
server: nginx
x-cache-status: HIT
content-type: image/png
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 68
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 page.jpg
2sao.vietnamnetjsc.vn/images/2021/03/11/10/57/ 12 KB
12 KB 1105ms
1102ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/11/10/57/page.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 828ec89721d6956597a30f7262942389188efd309e829a9fa2df6f639ac963a8

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Fri, 12 Mar 2021 05:59:33 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 11948
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 van-quang-long-64.jpg
2sao.vietnamnetjsc.vn/images/2021/03/11/16/06/ 10 KB
10 KB 1105ms
1102ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/11/16/06/van-quang-long-64.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: a52f9f92f59b08bc7179496a1fd9888c2ca614907d73ad76d3b36a5b0ce92703

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Fri, 12 Mar 2021 05:59:33 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 10035
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 danhg-hh.gif
2sao.vietnamnetjsc.vn/images/2021/03/11/06/57/ 3 MB
3 MB 1105ms
1103ms Image
image/gif 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/11/06/57/danhg-hh.gif?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0cc6b8c92ded71c519d7eb5f5a4c855bc67c17f8c675f7ccd9a2df7a6bbc2bd1

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Wed, 10 Mar 2021 23:57:41 GMT
server: nginx
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 3052431
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 dai-nghia-vo-tan-phat-ava-1.jpg
2sao.vietnamnetjsc.vn/images/2021/03/11/07/02/ 11 KB
11 KB 1105ms
1103ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/11/07/02/dai-nghia-vo-tan-phat-ava-1.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: ef643a775bbfc10787a15cfa89fa5f172ca3e288dc35a6df4c2dce2d4e03c390

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Fri, 12 Mar 2021 05:59:32 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 11448
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 thuan-nguyen-64.jpg
2sao.vietnamnetjsc.vn/images/2021/03/11/13/14/ 12 KB
12 KB 1105ms
1103ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/11/13/14/thuan-nguyen-64.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: e105164ae64d7b4e42162e6aa2a5fb1923442ac7b8aa61ee3734528bd3372a8d

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Fri, 12 Mar 2021 05:59:33 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 11810
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 ezgifcom-gif-maker-2.jpg
2sao.vietnamnetjsc.vn/images/2021/03/11/16/09/ 7 KB
7 KB 1106ms
1103ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/11/16/09/ezgifcom-gif-maker-2.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: efe32e868a74737de1b7aedf1a125664e35ab5dd482fd70b93a80b715f497cc9

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Thu, 11 Mar 2021 12:00:12 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 7055
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 quy-binh-ava-1.jpg
2sao.vietnamnetjsc.vn/images/2021/03/09/14/25/ 12 KB
13 KB 1106ms
1103ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/09/14/25/quy-binh-ava-1.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0a0ee7622f442d3f067dbbd2e70851b5fd88f6013f4dd260bd46356c20d87842

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Wed, 10 Mar 2021 04:05:55 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 12674
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 le-quyen-lam-bao-chau-ava-1.jpg
2sao.vietnamnetjsc.vn/images/2021/03/09/10/37/ 7 KB
7 KB 1106ms
1103ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/09/10/37/le-quyen-lam-bao-chau-ava-1.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 8ea02ae1cc62b4f79fbfee340fbe0ba005806a0f452e3426d7b46d1cb10d1c29

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Wed, 10 Mar 2021 04:05:55 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 7406
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 lan-ngoc-oki-01.jpg
2sao.vietnamnetjsc.vn/images/2021/03/02/16/59/ 9 KB
10 KB 1106ms
1103ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/02/16/59/lan-ngoc-oki-01.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: c04f165e8d5723ee411caff6eb460ce69c4efe234da28e8ac9f6a8c2b8d5253d

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Wed, 03 Mar 2021 09:38:32 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 9672
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 icon-tin-moi.svg
2sao.vn/Content/v2/img/icon/ 2 KB
3 KB 241ms
239ms Image
image/svg+xml 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/icon-tin-moi.svg

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

f65a324e34f5ef3276f60fa79da79d7be7b21b2b59cc4e92b7f249830ac7be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:18 GMT
server: nginx
etag: "2e1baa65dcf8d41:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
backend: 232
accept-ranges: bytes
content-length: 2398
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 cuu.jpg
2sao.vietnamnetjsc.vn/images/2021/03/01/12/50/ 10 KB
10 KB 1106ms
1104ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/01/12/50/cuu.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 707996cf827f07e12dd4da0b1c1fa6d5057f9faf48612a924dda30a1a83cf77a

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Mon, 01 Mar 2021 05:51:07 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 10373
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 my-tam-1.jpg
2sao.vietnamnetjsc.vn/images/2021/02/19/17/13/ 10 KB
10 KB 1106ms
1104ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/02/19/17/13/my-tam-1.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: e32865ebfc622e114e86c02544e4d4bb96347120cd2a41d912d7b55df84de09f

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Fri, 19 Feb 2021 10:24:40 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 10450
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 tho-nguyen-1.jpg
2sao.vietnamnetjsc.vn/images/2021/03/10/17/10/ 9 KB
10 KB 1106ms
1104ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/10/17/10/tho-nguyen-1.jpg?width=193
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: d8b0837893cd810d4cb682fe141a55be8bcf80d6c7020e97bdacac977f826667

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:31 GMT
last-modified: Wed, 10 Mar 2021 10:15:48 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 9609
expires: Wed, 16 Mar 2022 17:28:31 GMT

GET
H2 200 icon-media-clip.svg
2sao.vn/Content/v2/img/icon/ 2 KB
2 KB 242ms
240ms Image
image/svg+xml 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/icon-media-clip.svg

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

55319c6ad88c808d3b42309cd427a824a94e40b1ed0dcfc026898cff0e137584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:17 GMT
server: nginx
etag: "2c117865dcf8d41:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2251
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 play-icon.png
2sao.vn/Content/v2/img/icon/ 3 KB
4 KB 253ms
253ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/play-icon.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

5b73c120eaf716380d97e7bb9b997f355f1ef0c4b2eace27fb318f4061cfe3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:19 GMT
server: nginx
etag: "b2d12e66dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 238
accept-ranges: bytes
content-length: 3420
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 noimage.png
2sao.vn/Content/v2/img/icon/ 68 B
333 B 237ms
236ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/noimage.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Aug 2019 09:39:56 GMT
server: nginx
etag: "24c9f2393b57d51:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 236
accept-ranges: bytes
content-length: 68
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 footer-logo.png
2sao.vn/Content/v2/img/ 5 KB
5 KB 240ms
239ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/footer-logo.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

c3eb5f707a55bd9eccf8f9d203261f1ead2772bd70ab235b742448dd0590e11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:23:44 GMT
server: nginx
etag: "a9da4051dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 235
accept-ranges: bytes
content-length: 5331
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 back-top-2sao.svg
2sao.vn/Content/v2/img/icon/ 1 KB
1 KB 261ms
257ms Image
image/svg+xml 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/back-top-2sao.svg

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

28019323978f76a552b6ba82e659440378df9d0d3f42f4021c77850cec5fc77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 09:51:43 GMT
server: nginx
etag: "ab9770d9186ad51:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1031
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 easing.min.js Show response
2sao.vn/Content/v2/lib/easing/ 2 KB
3 KB 245ms
245ms Script
application/javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/v2/lib/easing/easing.min.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

901eb80cc3f8c274fe6711bd023884258839610c9274082a4881f71e2206b4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:20 GMT
server: nginx
etag: "48caf166dcf8d41:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
backend: 231
accept-ranges: bytes
content-length: 2303
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 jquery.mCustomScrollbar.js Show response
2sao.vn/Content/v2/lib/scrollbar/ 89 KB
26 KB 258ms
251ms Script
application/javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/v2/lib/scrollbar/jquery.mCustomScrollbar.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

ffd34657a6e1a500b825ce638e4f968586c43df088e6d139f42eba08f0e03b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:21 GMT
server: nginx
etag: W/"fda78867dcf8d41:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
backend: 232
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 slick.min.js Show response
2sao.vn/Content/v2/slick/ 42 KB
13 KB 259ms
250ms Script
application/x-javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/v2/slick/slick.min.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:21 GMT
server: nginx
etag: W/"fd75cd67dcf8d41:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 jquery.shares.min.js Show response
2sao.vn/Content/v2/js/ 3 KB
3 KB 243ms
237ms Script
application/x-javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/v2/js/jquery.shares.min.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

ab7f1ac6ebece3fd60457da60d40bcc2da99376617904cb26b48e128449467ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:19 GMT
server: nginx
etag: "f3a3a866dcf8d41:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
backend: 238
accept-ranges: bytes
content-length: 3209
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 2sao.script.js Show response
2sao.vn/Content/v2/js/ 38 KB
11 KB 297ms
291ms Script
application/javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/v2/js/2sao.script.js?v=200120212

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

34c0d91819e04e65067b2ff717a7dbaa165c21acd18ac8d12ad5b94423db965c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Dec 2019 08:03:41 GMT
server: nginx
etag: W/"49169e2b67aed51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
backend: 237
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 main.js Show response
2sao.vn/Content/v2/js/ 0
264 B 313ms
307ms Script
application/javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Content/v2/js/main.js?v=200120212

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:19 GMT
server: nginx
etag: "a926ae66dcf8d41:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
backend: 236
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 vnn2saoVote.js Show response
2sao.vn/Scripts/ 5 KB
5 KB 238ms
238ms Script
application/x-javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Scripts/vnn2saoVote.js?v=200120212

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

0be3d2ecad77c2629add9859e2f91485b809f1ec6825cd05a14c81094ca6acec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 09:30:24 GMT
server: nginx
etag: "e577cc5d3ef1d51:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
backend: 93
accept-ranges: bytes
content-length: 4673
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 vnn2saov2.js Show response
2sao.vn/Scripts/ 32 KB
7 KB 256ms
254ms Script
application/x-javascript 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://2sao.vn/Scripts/vnn2saov2.js?v=200120212

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

07280df7a572505ff69dcc5ceeae4028973d80a705c5ce6800c35daadf2a2a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Jan 2021 18:46:52 GMT
server: nginx
etag: W/"a8cc957393eed61:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
backend: 7
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
36 KB 24ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDRKR44

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf42ed24785a8ca5430febe4c01b2f59090da2dc783d35ea7842760a9315dab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36388
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 16:19:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 17:27:50 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 83ms
24ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:27:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 17 Mar 2021 17:27:50 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 39ms
8ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1151
date: Tue, 16 Mar 2021 17:08:39 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 16 Mar 2021 19:08:39 GMT

GET
H/1.1 200
OK Cookie set PopupFBLogin2019.aspx Show response
id.vietnamnet.vn/ Frame 8A92 4 KB
2 KB 1567ms
231ms Document
text/html 203.162.168.165
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://id.vietnamnet.vn/PopupFBLogin2019.aspx
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 203.162.168.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: 900ffce45cbdfbfbd1d035ba1fba957d77fe23a3277dc9d32adfc1f90bbeb040

Request headers

Host: id.vietnamnet.vn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://2sao.vn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=dr1uzqxsqwvqsvw4zrjjlvhd; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Date: Tue, 16 Mar 2021 17:27:47 GMT
Connection: close
Content-Length: 1666

GET
H2 200 216731.html Show response
embed.vietnamnettv.vn/v/ Frame 958F 20 KB
5 KB 1317ms
241ms Document
text/html 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.vietnamnettv.vn/v/216731.html
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5d7ca3b24a718fe38473321d3dbe03e77104c666b0a2eb67058d50ce882bd4bb

Request headers

:method: GET
:authority: embed.vietnamnettv.vn
:scheme: https
:path: /v/216731.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

server: nginx
date: Tue, 16 Mar 2021 17:26:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=180
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
expires: Tue, 16 Mar 2021 17:29:46 GMT
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 TtolTo2SaoV3 Show response
tintuconline.com.vn/Common/ Frame D6AE 7 KB
7 KB 1046ms
237ms Document
text/html 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tintuconline.com.vn/Common/TtolTo2SaoV3
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 58eea8f8ce5e416c2a790d598080ccd0f069793268fe6d05d66ae844f91f0c3d

Request headers

:method: GET
:authority: tintuconline.com.vn
:scheme: https
:path: /Common/TtolTo2SaoV3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

server: nginx
date: Tue, 16 Mar 2021 17:27:51 GMT
content-type: text/html; charset=utf-8
content-length: 7003
backend: 93
cache-control: public
x-cache-status: HIT

GET
H2 200 news-new.png
2sao.vn/Content/v2/img/icon/ 4 KB
4 KB 260ms
256ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/news-new.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

d6571d5e522287df1f00501922131f5cb590a5c8b378e71512e6717d048ad3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:19 GMT
server: nginx
etag: "10d21966dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 231
accept-ranges: bytes
content-length: 3691
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 event-top.png
2sao.vn/Content/v2/img/icon/ 3 KB
4 KB 256ms
252ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/event-top.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

d317eb7371b1b31f877a68259e947b0e1a1ef53ea7b78babcd0229b313133d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:16 GMT
server: nginx
etag: "bc4fe764dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 237
accept-ranges: bytes
content-length: 3417
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 search-top.png
2sao.vn/Content/v2/img/icon/ 3 KB
3 KB 259ms
255ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/search-top.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

e26f11e94949e0799a55c0ef09bd82a76f84cb5a2ce7db3e4884b9ceaac98bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:19 GMT
server: nginx
etag: "30436066dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 236
accept-ranges: bytes
content-length: 3097
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H/1.1 200
OK iconlogin-idvnn-sliver.svg
vnn-res.vgcloud.vn/ResV9/images/ 826 B
1 KB 1166ms
236ms Image
image/svg+xml 210.211.113.38
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vnn-res.vgcloud.vn/ResV9/images/iconlogin-idvnn-sliver.svg

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Content/VnnId/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.211.113.38 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

Resource Hash

15ef4a0a5771010dd90d761d24bc336dfe4e99fbf501f558f930f9c4209a442e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:27:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 Jun 2019 04:07:26 GMT
Age: 9
X-Cache: HIT
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 826
Expires: Sun, 24 Jan 2021 04:20:04 GMT

GET
H2 200 line-rept.png
2sao.vn/Content/v2/img/icon/ 3 KB
3 KB 282ms
277ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/line-rept.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

bda681dfdfbd46ea74aeb67ca5e3ff599cf6c944c80a5d8207bae79a56cfb6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:18 GMT
server: nginx
etag: "95acf665dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 7
accept-ranges: bytes
content-length: 2893
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 star-box.png
2sao.vn/Content/v2/img/icon/ 3 KB
3 KB 238ms
237ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/star-box.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

a6cd421590d32bb73e598fd29b72fe00803c5c9ff6677c99295a7b9d5f81b70d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:19 GMT
server: nginx
etag: "b7378266dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 93
accept-ranges: bytes
content-length: 3281
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 view-all.png
2sao.vn/Content/v2/img/icon/ 3 KB
3 KB 250ms
249ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/view-all.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

3416be7940e5b406ac1d77e55c78bcf84d86de0497612a54251e3f75062cad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:19 GMT
server: nginx
etag: "d5478e66dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 7
accept-ranges: bytes
content-length: 2935
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 icon-whoami-desktop.svg
2sao.vn/Content/v2/img/icon/ 1 KB
2 KB 240ms
239ms Image
image/svg+xml 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/icon-whoami-desktop.svg

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

ff2dc039ca50d027b35196c4fc6e164bc4b3e3865859a60f4207db4b027ac068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 08:39:46 GMT
server: nginx
etag: "f5c58258954bd61:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
backend: 231
accept-ranges: bytes
content-length: 1500
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 bg-main-catalog.png
2sao.vn/Content/v2/img/ 3 KB
3 KB 239ms
239ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/bg-main-catalog.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

9c077230ea5284f716221c297207f0047b7aa129b3dc1aadb137275df3448dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:23:44 GMT
server: nginx
etag: "665d3f51dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 232
accept-ranges: bytes
content-length: 2867
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 arrow-down.png
2sao.vn/Content/v2/img/icon/ 3 KB
3 KB 258ms
257ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/arrow-down.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

7682bd4700b01da0c56fdd55e749d0eca38959a792cf1f645a547fb29eaadf7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:16 GMT
server: nginx
etag: "a0729564dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 236
accept-ranges: bytes
content-length: 2880
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 star.png
2sao.vn/Content/v2/img/icon/ 3 KB
3 KB 260ms
256ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/star.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

53a6f478597b6c9f56ab7768908fae3fe9413c081598b4b2b2b7c0e840f9f81e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:19 GMT
server: nginx
etag: "7c637866dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 238
accept-ranges: bytes
content-length: 3070
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:50 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2sao.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 03:11:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
age: 396961
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
expires: Sat, 12 Mar 2022 03:11:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2sao.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:38:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 499781
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:38:09 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_ZpC3gfD_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 17 KB
17 KB 42ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gfD_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1889994acccfac3f2bfa912b8f3dc3cc3389fcccafd049c612ce8ed5b3577cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2sao.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 11:41:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:04 GMT
server: sffe
age: 366388
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17024
x-xss-protection: 0
expires: Sat, 12 Mar 2022 11:41:22 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3gfD_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 17 KB
17 KB 29ms
24ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gfD_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61697412cc59989e4eee0d73b88388554d608bf9f9fd9217818245794c7ce13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2sao.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:37:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 283838
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16984
x-xss-protection: 0
expires: Sun, 13 Mar 2022 10:37:12 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2sao.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 423985
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_ZpC3gbD_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 6 KB
7 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gbD_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311df1df5293d0d3de226f460e35a8f60326a6266e6103da0032895b30d04f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2sao.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:06:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:09 GMT
server: sffe
age: 480063
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6616
x-xss-protection: 0
expires: Fri, 11 Mar 2022 04:06:47 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3gbD_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 6 KB
7 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gbD_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc9c2cf1f79ef587ec4817f6b5126488a2b86b43fa152c667a928761ef3bc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2sao.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 15:06:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:50 GMT
server: sffe
age: 354075
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6624
x-xss-protection: 0
expires: Sat, 12 Mar 2022 15:06:35 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 39ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Content/v2/lib/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1101427
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1046
cf-request-id: 08ddad74d900004aa3ba8d7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8mX8vcXMQKEfQqAqtAVCAIQS%2F1L2jeluJDsWgxqiD%2BExdt5SOMkqabKTk9ciZ%2ByR7oVO7nWIoC9lXhcWJ3WrpoJkgmHb5lCk%2BXIKCHpcG3sQCdG%2FI1eUJAo%2FHX53gbpcSg%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 630fb1ce2de14aa3-FRA
expires: Sun, 06 Mar 2022 17:27:50 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=655328312&utmhn=2sao.vn&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GI%E1%BA%A2I%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88634367-1&cid=1053352621.1615915671&jid=1724512769&_v=5.7.2&z=655328312

35 B
113 B

17ms
16ms

Image
image/gif

2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88634367-1&cid=1053352621.1615915671&jid=1724512769&_v=5.7.2&z=655328312

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 17:27:50 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88634367-1&cid=1053352621.1615915671&jid=1724512769&_v=5.7.2&z=655328312
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=28756805&ns__t=1615915670798&ns_c=UTF-8&cv=3.5&c8=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=28756805&ns__t=1615915670798&ns_c=UTF-8&cv=3.5&c8=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%...

0
528 B

32ms
32ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=28756805&ns__t=1615915670798&ns_c=UTF-8&cv=3.5&c8=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&c7=https%3A%2F%2F2sao.vn%2F&c9=&cs_ak_ss=1
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 17:27:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=28756805&ns__t=1615915670798&ns_c=UTF-8&cv=3.5&c8=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&c7=https%3A%2F%2F2sao.vn%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 16 Mar 2021 17:27:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 138 KB
53 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LMYJF155LR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRKR44

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9359d9b6a3abc2ba09d1b2eee76f666de7f9a0722f9457276af83494543c0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54106
x-xss-protection: 0
expires: Tue, 16 Mar 2021 17:27:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRKR44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7165
date: Tue, 16 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 17:28:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: I47RbmiEDHKZc6bX9JYiohx64pR1SUvLgnyo+IY3yDKtp21An4fEVQJp0C1e5tsRHDm7HYEVY1O0CO3zYbb3sA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 17:27:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 876911402771416 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 138ms
138ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/876911402771416?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef5ea36bff0e406c7738b4c227c84719cf25b94e11c6f95db7699277074fd3dc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: tuqbpmkngzXfhH13zd6rnih+N5HTM2ihSrJFFnKhUXJhUeAeWnzLs4/RGorOf1v4tcf4XHPaVIaTP1wPvDwm5Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 17:27:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
60 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1513476994&t=pageview&_s=1&dl=https%3A%2F%2F2sao.vn%2F&ul=en-us&de=UTF-8&dt=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=40217057.1053352621.1615915671.1615915671.1615915671.1&_utmz=40217057.1615915671.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1615915670874&_u=YQBCAAABAAAAAC~&jid=1917671318&gjid=1064310267&cid=1053352621.1615915671&tid=UA-159401116-2&_gid=1045513588.1615915671&_r=1&gtm=2wg330TDRKR44&z=1348976245

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
23 B 13ms
13ms Other
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LMYJF155LR&gtm=2oe330&_p=1513476994&sr=1600x1200&ul=en-us&cid=1053352621.1615915671&_s=1&dl=https%3A%2F%2F2sao.vn%2F&dt=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&sid=1615915670&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LMYJF155LR&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876911402771416&ev=PageView&dl=https%3A%2F%2F2sao.vn%2F&rl=&if=false&ts=1615915671038&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615915671036.1792321139&it=1615915670863&coo=false&rqm=GET

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Mar 2021 17:27:51 GMT

GET
H/1.1 200
OK data.jsx Show response
id.vietnamnet.vn/jsx/getUserInfo/ 37 B
493 B 1136ms
229ms Script
text/html 203.162.168.165
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://id.vietnamnet.vn/jsx/getUserInfo/data.jsx?_=1615915670357
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Content/v2/lib/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 203.162.168.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: 9279f79271f62549c144a3304d6bd02805a01bc37ea027af36b1f7e5f22b28dd

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:27:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: close
Content-Length: 156

GET
H/1.1 200
OK data.jsx Show response
id.vietnamnet.vn/jsx/getUserInfo/ 37 B
493 B 1144ms
232ms Script
text/html 203.162.168.165
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://id.vietnamnet.vn/jsx/getUserInfo/data.jsx
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Content/v2/lib/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 203.162.168.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: 9279f79271f62549c144a3304d6bd02805a01bc37ea027af36b1f7e5f22b28dd

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:27:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: close
Content-Length: 156

GET
H2 200 arrow-01.png
2sao.vn/Content/v2/img/icon/ 3 KB
3 KB 237ms
236ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/Content/v2/img/icon/arrow-01.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

7db40fadc6ba27067d7b90e4b1c15b3c1a35e7255363c303bce73c86ba8f44f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 07:24:16 GMT
server: nginx
etag: "c7838964dcf8d41:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
backend: 238
accept-ranges: bytes
content-length: 2888
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 ajax-loader.gif
2sao.vn/ 3 KB
3 KB 254ms
254ms Image
image/gif 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2sao.vn/ajax-loader.gif

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

d924d966d44cf7973b34c92c74dc68237fec423d578f2c9497eaa0790900d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 May 2019 09:42:01 GMT
server: nginx
etag: "21f419c4216d51:0"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3279
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H/1.1 200
OK tracking.ashx Show response
tracking.vietnamnetad.vn/Dout/ 798 B
1 KB 1295ms
320ms Script
application/x-javascript 183.91.14.6
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.vietnamnetad.vn/Dout/tracking.ashx?ext=5580991b-9fb4-473a-9e0e-c49cd1cf7473&domain=2sao.vn/cat0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.91.14.6 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: faa44dac1a440cf07d73fc44092ac76f52a9430777810ea1a643c7d3d571244b

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:35:03 GMT
Server: nginx
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Backend: 239
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 798
Expires: Tue, 16 Mar 2021 17:37:52 GMT

GET
H2 200 clip.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/07/50/ 8 KB
8 KB 747ms
746ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/07/50/clip.jpg?width=250
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5645f52736e924c74b539cafce4f2b0ccf94e186e6f4b3d08195ed869e143434

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:32 GMT
last-modified: Tue, 16 Mar 2021 00:56:39 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 8033
expires: Wed, 16 Mar 2022 17:28:32 GMT

GET
H2 200 kichhh.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/19/53/ 16 KB
16 KB 747ms
746ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/19/53/kichhh.jpg?width=250
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 774f92e4a338bd4515f0af093cf3e055d11d6db0d881ab68b5a07598a5174fb3

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:32 GMT
last-modified: Tue, 16 Mar 2021 12:57:17 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 16015
expires: Wed, 16 Mar 2022 17:28:32 GMT

GET
H2 200 anhdaidien.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/17/02/ 17 KB
17 KB 747ms
746ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/17/02/anhdaidien.jpg?width=250
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 87f81b584578bf4c7d222172d6aa5a85ff3f5e38ed436579c4953d5c05a67c20

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:32 GMT
last-modified: Tue, 16 Mar 2021 12:00:23 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 17585
expires: Wed, 16 Mar 2022 17:28:32 GMT

GET
H2 200 lam-tam-nhu-1.jpg
2sao.vietnamnetjsc.vn/images/2021/03/16/14/49/ 10 KB
10 KB 747ms
746ms Image
image/jpeg 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2sao.vietnamnetjsc.vn/images/2021/03/16/14/49/lam-tam-nhu-1.jpg?width=250
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 1bc1a8faa8b22a68b74de3ef0ad72dc4bf72fc251d160fc3bf80a106a45abdb4

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:32 GMT
last-modified: Tue, 16 Mar 2021 12:00:09 GMT
server: nginx
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 9914
expires: Wed, 16 Mar 2022 17:28:32 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
62 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-159401116-2&cid=1053352621.1615915671&jid=1917671318&gjid=1064310267&_gid=1045513588.1615915671&_u=YQBCAAAAAAAAAC~&z=954313451

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 17:27:51 GMT
content-type: text/plain
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame D6AE 24 KB
2 KB 46ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,900italic,900,700italic,700,500,400italic,500italic,300italic,300,100italic,100

Requested by

Host: tintuconline.com.vn
URL: https://tintuconline.com.vn/Common/TtolTo2SaoV3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

551c24fb8497e8befef657134a4dc50f8cb6191edf8512a53eb32591da35275c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tintuconline.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 17:27:51 GMT
server: ESF
date: Tue, 16 Mar 2021 17:27:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 17:27:51 GMT

GET
H2 200 logottol2x.png
tintuconline.com.vn/Images/ Frame D6AE 6 KB
6 KB 239ms
237ms Image
image/png 103.21.150.172
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tintuconline.com.vn/Images/logottol2x.png

Requested by

Host: tintuconline.com.vn
URL: https://tintuconline.com.vn/Common/TtolTo2SaoV3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.172 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

2a54260667123f7d1026c521432ad776c9284aa590a92cd1672bb02da688e58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tintuconline.com.vn/Common/TtolTo2SaoV3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 May 2017 07:14:30 GMT
server: nginx
etag: "4054a364a6cfd21:0"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=31536000
backend: 232
accept-ranges: bytes
content-length: 6305
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:27:51 GMT

GET
H2 200 dau-so-gia-danh-ngan-hang-ava.jpg
ttol.vietnamnetjsc.vn/images/2021/03/16/20/29/ Frame D6AE 24 KB
24 KB 725ms
254ms Image
image/jpeg 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ttol.vietnamnetjsc.vn/images/2021/03/16/20/29/dau-so-gia-danh-ngan-hang-ava.jpg?width=312

Requested by

Host: tintuconline.com.vn
URL: https://tintuconline.com.vn/Common/TtolTo2SaoV3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

5508ac30c2d96408448dc2e05f4b166939ac295c450149c4a3c06dd433ee7f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tintuconline.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 13:31:26 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key
content-length: 24696
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:26:47 GMT

GET
H2 200 ezgifcom-optimize-12.gif
ttol.vietnamnetjsc.vn/images/2021/03/16/23/06/ Frame D6AE 3 MB
3 MB 1162ms
691ms Image
image/gif 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ttol.vietnamnetjsc.vn/images/2021/03/16/23/06/ezgifcom-optimize-12.gif?width=312

Requested by

Host: tintuconline.com.vn
URL: https://tintuconline.com.vn/Common/TtolTo2SaoV3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

27060e50be50f50dcee97ae45b82b7fd0c45dfd8ca4d07097bfe486aa3e8f5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tintuconline.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 16:06:01 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key
content-length: 2790273
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:26:47 GMT

GET
H2 200 ca-si-do-hieu-qua-doi-ava.jpg
ttol.vietnamnetjsc.vn/images/2021/03/16/20/48/ Frame D6AE 16 KB
16 KB 1381ms
910ms Image
image/jpeg 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ttol.vietnamnetjsc.vn/images/2021/03/16/20/48/ca-si-do-hieu-qua-doi-ava.jpg?width=312

Requested by

Host: tintuconline.com.vn
URL: https://tintuconline.com.vn/Common/TtolTo2SaoV3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx /

Resource Hash

864f3ae3f17ad3a89ab56129453da500bc139e35646ece11aa2101c32328a8c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tintuconline.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 15:09:02 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key
content-length: 16084
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:26:47 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D6AE 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900italic,900,700italic,700,500,400italic,500italic,300italic,300,100italic,100

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tintuconline.com.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 82812
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D6AE 12 KB
12 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900italic,900,700italic,700,500,400italic,500italic,300italic,300,100italic,100

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c7063e4ddf4fb376fa7af3b9caf9845251f6224dffd38f1a369278c47e4b4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tintuconline.com.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 503128
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12060
x-xss-protection: 0
expires: Thu, 10 Mar 2022 21:42:23 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
43 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybY7EFfRgQPv64Cqe

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 16 Mar 2021 17:27:51 GMT
content-type: text/plain
access-control-allow-origin: https://2sao.vn
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 css
embed.vietnamnettv.vn/Content/ Frame 958F 61 B
287 B 234ms
233ms Stylesheet
text/css 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.vietnamnettv.vn/Content/css?v=zhveyGrZ2sv6iCzsXq58Bgw8a-PIZ_PAYFPoKXWDNsc1
Requested by: Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/v/216731.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 59875b1ca3fe4ec380078af9f298f46fe0cb99155ad5053ff4c1e8236ca72b4f

Request headers

Referer: https://embed.vietnamnettv.vn/v/216731.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:47 GMT
last-modified: Mon, 15 Mar 2021 10:27:43 GMT
server: nginx
x-aspnet-version: 4.0.30319
vary: User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
backend: 93
content-length: 61
expires: Tue, 16 Mar 2021 17:29:47 GMT

GET
H2 200 modernizr Show response
embed.vietnamnettv.vn/bundles/ Frame 958F 11 KB
11 KB 238ms
236ms Script
text/javascript 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.vietnamnettv.vn/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by: Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/v/216731.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

Referer: https://embed.vietnamnettv.vn/v/216731.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:47 GMT
last-modified: Mon, 15 Mar 2021 10:27:09 GMT
server: nginx
x-aspnet-version: 4.0.30319
vary: User-Agent
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
content-length: 10999
expires: Tue, 16 Mar 2021 17:29:47 GMT

GET
H2 200 jquery Show response
embed.vietnamnettv.vn/bundles/ Frame 958F 91 KB
91 KB 456ms
455ms Script
text/javascript 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.vietnamnettv.vn/bundles/jquery?v=FVs3ACwOLIVInrAl5sdzR2jrCDmVOWFbZMY6g6Q0ulE1
Requested by: Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/v/216731.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec

Request headers

Referer: https://embed.vietnamnettv.vn/v/216731.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:47 GMT
last-modified: Mon, 15 Mar 2021 10:27:09 GMT
server: nginx
x-aspnet-version: 4.0.30319
vary: User-Agent
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
backend: 236
content-length: 93078
expires: Tue, 16 Mar 2021 17:29:47 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 958F 99 KB
39 KB 23ms
18ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-178420971-1

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/v/216731.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4178ea0b7ad00a245d88d27d9aec1a33db570e82784434176b1f67aa60d85f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39831
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 16:19:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 17:27:52 GMT

GET
H2 200 rmp-hlsjs.min.js Show response
embed.vietnamnettv.vn/rmp/v5100/js/ Frame 958F 944 KB
227 KB 686ms
685ms Script
application/javascript 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js
Requested by: Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/v/216731.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 836f32af2018c99363a5287742224383e57f6c9bd709b9dc66c835065a1a3ec9

Request headers

Referer: https://embed.vietnamnettv.vn/v/216731.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:47 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 05:28:58 GMT
server: nginx
etag: W/"0978f3a085d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=180
backend: 237
expires: Tue, 16 Mar 2021 17:29:47 GMT

GET
H2 200 jquery.min.js Show response
code.jquery.com/ Frame 8A92 94 KB
33 KB 30ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery.min.js
Requested by: Host: id.vietnamnet.vn
URL: https://id.vietnamnet.vn/PopupFBLogin2019.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376

Request headers

Referer: https://id.vietnamnet.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:51 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-1764d"
vary: Accept-Encoding
x-hw: 1615915671.dop227.fr8.t,1615915671.cds235.fr8.hn,1615915671.cds103.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33226

GET
H/1.1 200
OK login-vnn-facebook.png
id.vietnamnet.vn/images/ Frame 8A92 3 KB
3 KB 905ms
442ms Image
image/png 203.162.168.165
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.vietnamnet.vn/images/login-vnn-facebook.png
Requested by: Host: id.vietnamnet.vn
URL: https://id.vietnamnet.vn/PopupFBLogin2019.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 203.162.168.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: b85c0928753a657c7ccfe85421bd556e92f94c61416d155e3e392d5ea13e3367

Request headers

Referer: https://id.vietnamnet.vn/PopupFBLogin2019.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:27:48 GMT
Last-Modified: Fri, 25 Sep 2020 00:00:00 GMT
Server: Microsoft-IIS/7.5
ETag: "00bacfce92d61:0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2653

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ Frame 8A92 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: id.vietnamnet.vn
URL: https://id.vietnamnet.vn/PopupFBLogin2019.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

227b0cef309adb8bc77c084678fc00dd49118e71c5deb7cf2f2e0200387422b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://id.vietnamnet.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ArFPlSrIavcSfGn6tnYX9Q==
cross-origin-resource-policy: cross-origin
expires: Tue, 16 Mar 2021 17:31:58 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: 9OUfcQx4cwoWBfZTgewuVya7c8+VX6EtANmbfDtG/BJtZDZLLaauW7ZCw3PgD47fNwVZDN7W3/98gcZ3T+QQrw==
x-fb-trip-id: 917726464
x-fb-content-md5: 027250a514e13459434cf89575a04f34
date: Tue, 16 Mar 2021 17:27:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "336dd01cda80c1e811b0b1ebd5783c7c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ Frame 8A92 190 KB
58 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=1e778a69c7d27d5c79aeaa33a45764b8&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7ab0540803750523d30dfcb57e8877a77d46e6f68ce1150a78ba0f192ba0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://id.vietnamnet.vn
Referer: https://id.vietnamnet.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MzwbO0BmpVlQ7WXRd7wyMw==
cross-origin-resource-policy: cross-origin
expires: Wed, 16 Mar 2022 16:47:34 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58375
x-fb-rlafr: 0
x-fb-debug: UNG5qUc3azQcVkfD0CIYV7QZX4/GgRNs7tJoCr8TkNMO+1wUH0mvpUR48PWv25o+iHQo4kFSBdPV8O2q+RcUsg==
x-fb-trip-id: 917726464
x-fb-content-md5: b143349a897cb560de69e01c520ca343
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 17:27:52 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e3a8ffa24cc0265dad4e8bbe45b6623d"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 8A92 0
0 101ms
100ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2F2sao.vn&client_id=1043536822416644&input_token&origin=1&redirect_uri=https%3A%2F%2Fid.vietnamnet.vn%2FPopupFBLogin2019.aspx&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1e778a69c7d27d5c79aeaa33a45764b8&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://id.vietnamnet.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: TnuAZNbyKfVGMqIqLKJ1uWg1aY5GVFh7vp3THNyCKL3tqLmNjuCXxD/XkUkyLIS+GubeV7yhgHcIWrignV4akQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Mar 2021 17:27:52 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://id.vietnamnet.vn
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 958F 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/v/216731.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7167
date: Tue, 16 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 17:28:25 GMT

GET
H2 200 vnnCore.440.js Show response
img.vietnamnetad.vn/Scripts/ 51 KB
51 KB 706ms
234ms Script
application/x-javascript 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.vietnamnetad.vn/Scripts/vnnCore.440.js?v=2

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

20945b25ac374174470c33f364be061d28ea33f9e2438ad9eea93008658e5ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Aug 2020 02:00:47 GMT
server: nginx
x-powered-by: ASP.NET
etag: "ffb214901571d61:0"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 51818
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:28:34 GMT

GET
H2 200 vgs.json Show response
cdn.radiantmediatechs.com/rmp/rr/ Frame 958F 8 KB
4 KB 42ms
20ms XHR
application/json 2606:4700:20::681a:3cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.radiantmediatechs.com/rmp/rr/vgs.json?rdm=448865

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5093d12e6fc11cb718b8ad44c5bf4d56d4abc8a2d8dad7fb5120db95fa458824

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1896
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ddad7d6d00004e8cf885f000000001
timing-allow-origin: *
last-modified: Thu, 11 Mar 2021 17:08:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QmlYa%2Fb4pcJaKnkT1YUjfKUCgyjLr6RiVLha0I377q%2BnpA3prdnck%2FHO0Mr55lOVLJRGDaVUwG7jLgTFXPdUftXbCZiYUdj2OYFK3XT7mrtGNPtqBUx1GQtA0z0TP82E6siGuDJN"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 630fb1dbdcd64e8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range
expires: Tue, 16 Mar 2021 18:27:52 GMT

GET
BLOB 206
Partial Content c5e0b702-1a60-47b2-b4b3-013b1650fb2c
https://embed.vietnamnettv.vn/ Frame 958F 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://embed.vietnamnettv.vn/c5e0b702-1a60-47b2-b4b3-013b1650fb2c
Requested by: Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/v/216731.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 rmp-s2.min.css
embed.vietnamnettv.vn/rmp/v5100/css/ Frame 958F 83 KB
13 KB 239ms
239ms Stylesheet
text/css 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.vietnamnettv.vn/rmp/v5100/css/rmp-s2.min.css
Requested by: Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: b14305d0a66eea71ff6a8d3ffa73ccf8ba8466ec10fad4fcca1bb6b7d9ce0072

Request headers

Referer: https://embed.vietnamnettv.vn/v/216731.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:48 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 05:29:02 GMT
server: nginx
etag: W/"063daf5a085d61:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=180
backend: 93
expires: Tue, 16 Mar 2021 17:29:48 GMT

GET
H2 200 playlist.m3u8 Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 154 B
480 B 1606ms
251ms XHR
application/vnd.apple.mpegurl 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/playlist.m3u8

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

30b67fb4f508b4bd85b2ea97d58148d5fb4d84100cbef0faa4d7955811998b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:54 GMT
last-modified: Tuesday, 16-Mar-2021 12:07:59 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 154
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 958F 330 KB
114 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 16 Mar 2021 17:27:53 GMT

GET
DATA 200
OK truncated
/ Frame 958F 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 431ced6916a2a21a156e38701afe55bbd7f88969fbbfc56d7fe099d47f265460

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rmp-font.woff2
embed.vietnamnettv.vn/rmp/v5100/css/fonts/ Frame 958F 9 KB
9 KB 234ms
234ms Font
application/font-woff2 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.vietnamnettv.vn/rmp/v5100/css/fonts/rmp-font.woff2?s73jsd
Requested by: Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/css/rmp-s2.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0f61c0b0df63d46075f6c7b82cfdcf833dcee642cfa41b55bbdec201c893359c

Request headers

Origin: https://embed.vietnamnettv.vn
Referer: https://embed.vietnamnettv.vn/rmp/v5100/css/rmp-s2.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:48 GMT
last-modified: Tue, 10 Mar 2020 10:07:40 GMT
server: nginx
etag: "03e60bbc3f6d51:0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=180
backend: 239
accept-ranges: bytes
content-length: 9204
expires: Tue, 16 Mar 2021 17:29:48 GMT

GET
H2 200 roboto-v20-latin-regular.woff2
embed.vietnamnettv.vn/rmp/v5100/css/fonts/ Frame 958F 15 KB
16 KB 234ms
234ms Font
application/font-woff2 103.21.150.163
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.vietnamnettv.vn/rmp/v5100/css/fonts/roboto-v20-latin-regular.woff2
Requested by: Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/css/rmp-s2.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.163 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Origin: https://embed.vietnamnettv.vn
Referer: https://embed.vietnamnettv.vn/rmp/v5100/css/rmp-s2.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:26:48 GMT
last-modified: Tue, 28 Apr 2020 04:05:08 GMT
server: nginx
etag: "0326a34121dd61:0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=180
backend: 237
accept-ranges: bytes
content-length: 15736
expires: Tue, 16 Mar 2021 17:29:48 GMT

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame FDB0 576 KB
188 KB 34ms
20ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://embed.vietnamnettv.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://embed.vietnamnettv.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 14 Mar 2021 13:29:38 GMT
expires: Mon, 14 Mar 2022 13:29:38 GMT
last-modified: Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 187095
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 958F 44 KB
17 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 16 Mar 2021 17:27:53 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 16E3 36 KB
13 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 28
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 16 Mar 2021 18:27:25 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D6AE 5 KB
5 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900italic,900,700italic,700,500,400italic,500italic,300italic,300,100italic,100

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66a6ef379881e3124e20f6dcecdc16672b1a7c3e415a305995621e40a075624f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tintuconline.com.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:46:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 283307
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5476
x-xss-protection: 0
expires: Sun, 13 Mar 2022 10:46:06 GMT

GET
H2 200 coread.440.js Show response
img.vietnamnetad.vn/vadsjs/ 18 KB
18 KB 455ms
455ms Script
application/x-javascript 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.vietnamnetad.vn/vadsjs/coread.440.js?v=1

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

c02e3d03d95bf974104574666ee138b535de347eae3f030b0adde73952f9f683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Jan 2021 07:27:37 GMT
server: nginx
x-powered-by: ASP.NET
etag: "1fceb98f34eed61:0"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 18480
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:28:34 GMT

GET
H2 200 Ad Show response
vads.net.vn/ 45 B
461 B 967ms
249ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=1&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 9f4370b024e7b4d9738257ab5b351140bd9afad58a549b7fd62be9ec12515297

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 235
content-length: 45
expires: -1

GET
H2 200 360p.m3u8 Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 473 B
798 B 261ms
261ms XHR
application/vnd.apple.mpegurl 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/360p.m3u8

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

ec5af900d97f64b5519c51c3969a6095859f6e3e7e10e4b4177406ee56bb4e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:54 GMT
last-modified: Tuesday, 16-Mar-2021 12:12:32 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 473
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 360p_000.ts Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 347 KB
348 KB 488ms
488ms XHR
video/mp2t 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/360p_000.ts

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

258057b115f77080bc24ff038f095af64111a16303a3b752a68a45fa9e571606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:55 GMT
last-modified: Tuesday, 16-Mar-2021 12:12:56 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: video/MP2T
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 355696
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 31af5720-bf48-4a0d-b0a1-201b7bc30b36
https://embed.vietnamnettv.vn/ Frame 958F 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://embed.vietnamnettv.vn/31af5720-bf48-4a0d-b0a1-201b7bc30b36
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2449cc8ffe30da9f4d5de5167e0de801f089ba57dc1bf25116a13ac4114e0799

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 61967
Content-Type: text/javascript

GET
H2 200 Ad Show response
vads.net.vn/ 1 KB
1 KB 245ms
245ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=66&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0dded3af447b8bdb2dd2b5eb573001d51aa60770ea802cd10b98caac0c48052c

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 1051
expires: -1

GET
H2 200 imp-tracking
log.vads.net.vn/ad/ 43 B
285 B 490ms
250ms Image
image/gif 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.vads.net.vn/ad/imp-tracking?action_name=A71E9yWPDXjYSgyVOtOFJBs_@$_rzBv3ImkSiWZMWDN7LYYvoWGmpydIQV_@$_9mehTWSN7lqfPfD7Np4fmAqWpGTSR0pFKeiiV@7kD0Lo6GrHZt3XffLwGRRqhTP7nZvkEnNDIUWB4FtZcNy6YP6HaQyO6MJEJoipYP22W3LtWyKkWn7vgvzgQEKC813bdEdI7ikIgBLbWSwFWPlnNVc4nWlZ@G5VwdRguVVq9FO_@$_KU_@$_uwFvAneIuN3iYByhXHk3h3ee3GIOUyU6XvQKkNvpkOPkxuA==
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:56 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
backend: 231
server: nginx
content-length: 43
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK 2sao_nativeinimage.js Show response
pub.lavanetwork.net/sites/2sao/ 2 KB
1 KB 1191ms
221ms Script
application/javascript 123.30.139.97
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.lavanetwork.net/sites/2sao/2sao_nativeinimage.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.139.97 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications (VNPT), VN),

Reverse DNS

Software

lavanetwork /

Resource Hash

cbba80c06904ec5c8360264d5bd284c8d087c96bc1d35d64e1144c02d520ed89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:27:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 04 Mar 2021 06:25:11 GMT
Server: lavanetwork
ETag: W/"60407d47-67b"
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

POST
H2 204 collect
www.google-analytics.com/g/ 0
68 B 13ms
13ms Other
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LMYJF155LR&gtm=2oe330&_p=1513476994&sr=1600x1200&ul=en-us&cid=1053352621.1615915671&_s=2&dl=https%3A%2F%2F2sao.vn%2F&dt=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&sid=1615915670&sct=1&seg=0&en=scroll&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LMYJF155LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 480p.m3u8 Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 473 B
798 B 252ms
251ms XHR
application/vnd.apple.mpegurl 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/480p.m3u8

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

e1fcaf3488cd236c1902f31d1c0f01b187c675f185d6b33a079d90f9753d279d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:56 GMT
last-modified: Tuesday, 16-Mar-2021 12:08:08 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 473
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 480p_000.ts Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 661 KB
662 KB 252ms
252ms XHR
video/mp2t 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/480p_000.ts

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

503ca07cc4eadbb53f550dc32edbc1551d6f9a6e0674d6db4375a155e143d0a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:56 GMT
last-modified: Tuesday, 16-Mar-2021 12:08:32 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: video/MP2T
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 677176
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ajs.php Show response
delivery.lavanetwork.net/www/delivery/ 52 B
728 B 1128ms
212ms Script
text/javascript 123.30.139.97
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.lavanetwork.net/www/delivery/ajs.php?zoneid=3973&pubname=2sao&cb=52434243863&charset=UTF-8&loc=https%3A//2sao.vn/
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.139.97 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications (VNPT), VN),
Reverse DNS
Software: lavanetwork / PHP/7.0.29
Resource Hash: 8498dfd7b8e8aaa6410f9a737fff1456ba669bd708017a71e432ec7e66fb7a66

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:27:57 GMT
Content-Encoding: gzip
X-Powered-By: PHP/7.0.29
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
backend: 97
Connection: keep-alive
Pragma: no-cache
Server: lavanetwork
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With
Expires: 0

GET
H2 200 480p_001.ts Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 458 KB
459 KB 252ms
252ms XHR
video/mp2t 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/480p_001.ts

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

3672e58f75238c5377f0fcd6c241d30117f77493505b8e98cbcc85117f19f514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:57 GMT
last-modified: Tuesday, 16-Mar-2021 12:13:10 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: video/MP2T
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 468684
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 480p_002.ts Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 707 KB
708 KB 260ms
259ms XHR
video/mp2t 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/480p_002.ts

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

d45991322d1ed2797db52ce70de818d22cd2813062bad4ff0d77deaf3c72c5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:57 GMT
last-modified: Tuesday, 16-Mar-2021 12:13:35 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: video/MP2T
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 723988
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 480p_003.ts Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 449 KB
450 KB 253ms
252ms XHR
video/mp2t 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/480p_003.ts

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

16cb9bf4f3c579457099046869a2998dae382f590a33d9534deb41e082f8b7c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 11:50:01 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: video/MP2T
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 460224
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Ad Show response
vads.net.vn/ 48 B
462 B 242ms
242ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=37&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 1d2ec6e4d596ef2368d1c1b9a422d5ada94445ece94372f80ec82c983cad1704

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:58 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 231
content-length: 48
expires: -1

GET
H2 200 480p_004.ts Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 694 KB
695 KB 252ms
251ms XHR
video/mp2t 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/480p_004.ts

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

caf843f0f8a9c1261c6bc1cdef49144ee166a62bce277ccc82f4ad6bc9e88b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:58 GMT
last-modified: Tuesday, 16-Mar-2021 12:12:44 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: video/MP2T
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 710828
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adgroup Show response
vads.net.vn/ 357 B
545 B 272ms
271ms Script
application/x-javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/adgroup?t=z11-z12&w=2&domain=2sao.vn/cat0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5092e572525ce8078500570dd64d4e15431fe941b5b2d6074ffb9b5b47dddaff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:58 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
backend: 235
server: nginx
content-length: 357
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8

GET
H2 200 480p_005.ts Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 453 KB
453 KB 253ms
252ms XHR
video/mp2t 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/480p_005.ts

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

499162e8e615088f74504a124873f8ac613cae126e657a07c27f0dab40283141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:58 GMT
last-modified: Tuesday, 16-Mar-2021 12:13:10 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: video/MP2T
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 463420
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Ad Show response
vads.net.vn/ 1 KB
2 KB 260ms
260ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=11&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: bc01df0199ccffb9dfe2c7e25019c8e0f7d1a37fbbbd964704c29521bd266dbc

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:58 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 230
content-length: 1315
expires: -1

GET
H2 200 480p_006.ts Show response
v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/ Frame 958F 717 KB
719 KB 253ms
252ms XHR
video/mp2t 183.91.11.69
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://v-cdn.vietnamnetjsc.vn/media/ts/2021/03/16/18/50/101af872-17cd-4ffd-8e66-36f0c023df86/480p_006.ts

Requested by

Host: embed.vietnamnettv.vn
URL: https://embed.vietnamnettv.vn/rmp/v5100/js/rmp-hlsjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.91.11.69 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

CMC CLOUD /

Resource Hash

25010d67bc0858a87f82a43edaae0e4a58f929e36f644acc96e3a761e14f4703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://embed.vietnamnettv.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 11:50:13 GMT
server: CMC CLOUD
x-cache-status: HIT
strict-transport-security: max-age=31536000; preload
content-type: video/MP2T
access-control-allow-origin: https://embed.vietnamnettv.vn
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 734704
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imp-tracking
log.vads.net.vn/ad/ 43 B
285 B 247ms
246ms Image
image/gif 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.vads.net.vn/ad/imp-tracking?action_name=dlmV@L2krheKgMA5kkcgIywqDfhCo4iCNy8Cas4rwvOLY5fCO22SOQsq4EgF5KCSjvCPomO36wbbX@WQIfcdQaJOVE2wE5t016seeutMoiFG1pRHFpfMxGEfhJQTR1PpLLjQsLikYBjG5Wfl6zGiBc2xY9RFYABZYS@c@QlepTdnq2n7FhIbCAJjXq@yBBPXSO9z2fFxWtEJNvp9lXdN97dz_@$_JLe6XMub5ocTRVTZ0gQIRXOeb5JaqXb9u1@KlCBzihlkfdNbKu30mYFnswenw==
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:58 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
backend: 233
server: nginx
content-length: 43
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c401328012b459cc26bf8737289be868980df8e4e17c236e020da437d48810d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49940
x-xss-protection: 0
server: cafe
etag: 14688670678261208085
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 17:27:58 GMT

GET
H2 200 vads-logo-bottom.png
img.vietnamnetad.vn/Images/logo/ 1 KB
2 KB 234ms
233ms Image
image/png 103.21.150.164
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.vietnamnetad.vn/Images/logo/vads-logo-bottom.png

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.21.150.164 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

ed2fd70166e154d32f016459d977ccbde0b9dbbeeb5ca1842c2058d57c0e1597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 14 Sep 2014 01:46:13 GMT
server: nginx
x-powered-by: ASP.NET
etag: "37f4b0aabdcfcf1:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
backend: 239
accept-ranges: bytes
content-length: 1384
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 17:28:39 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/ 226 KB
85 KB 68ms
55ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0771410550134874&plah=2sao.vn&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

476e55b7d10aaeb7ddd39212d5a22f590ac9355c2356fe7075b8c52f207edae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86502
x-xss-protection: 0
server: cafe
etag: 2199629402476109975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 17:27:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210310/r20190131/ Frame B5FF 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210310/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210310/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 15 Mar 2021 19:09:00 GMT
expires: Mon, 29 Mar 2021 19:09:00 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 80338
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Ad Show response
vads.net.vn/ 1 KB
2 KB 254ms
254ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=12&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5050535b636f305d8e30e78c9640c99a196eaf5e05f3edd608e196bc24184f0e

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:59 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 230
content-length: 1152
expires: -1

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 197 B
637 B 102ms
45ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=2sao.vn&callback=_gfp_s_&client=ca-pub-0771410550134874

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0771410550134874&plah=2sao.vn&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

587f32302fb908e4c6d4b0d2d8305e1e3b8b8f61ea4e278413fe2a0cfdb8c04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:27:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:27:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE9D 12 KB
7 KB 309ms
294ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=1337934782&adk=180678796&adf=226184560&pi=t.ma~as.1337934782&w=300&lmt=1615915679&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915678943&bpp=11&bdt=9292&idt=99&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1338956514774&frm=20&pv=2&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0nBK2DYLmd&p=https%3A//2sao.vn&dtd=122

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af8e171373c495fd05a7d7f70710676af4e6b27aad586d99fc0d366d780fd51f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=1337934782&adk=180678796&adf=226184560&pi=t.ma~as.1337934782&w=300&lmt=1615915679&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915678943&bpp=11&bdt=9292&idt=99&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1338956514774&frm=20&pv=2&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0nBK2DYLmd&p=https%3A//2sao.vn&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 17:27:59 GMT
server: cafe
content-length: 7075
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Mar-2021 17:42:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 17:27:59 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 62ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615840876344261"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28211
x-xss-protection: 0
expires: Tue, 16 Mar 2021 17:27:59 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B80 54 B
596 B 84ms
84ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&adk=1812271804&adf=3025194257&lmt=1615915679&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F2sao.vn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615915678955&bpp=3&bdt=9304&idt=118&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=140

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0771410550134874&output=html&adk=1812271804&adf=3025194257&lmt=1615915679&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F2sao.vn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615915678955&bpp=3&bdt=9304&idt=118&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 17:27:59 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Mar-2021 17:42:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 17:27:59 GMT
cache-control: private

GET
H2 200 imp-tracking
log.vads.net.vn/ad/ 43 B
285 B 244ms
243ms Image
image/gif 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.vads.net.vn/ad/imp-tracking?action_name=WZRUHJk4wmiNWG6ZqDgW4omqN7jMDQyPvVWTzzE4uCfyDF0VPBsk7Y_@$_au9WgjWTpIU8gwvFiEtFeaD3yEvymNMMhFxFkFeBm8It4iBunB9DzXGGsxYiLt4R208MxFAOx1eRfxbBdPowGIN48Huml1cGVPSUS41sWpkmgr@7jFgBWUHEpeiDm1vy49QbYTNOCnLTiwDyDp8FA4sIDWTqC4SK9@ktMfi6nuMFILB@NNTpa5RP7dh5eu7QYisyupUC6gCm7tRWJJEhI7@TFP0q2Vg==
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:59 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
backend: 231
server: nginx
content-length: 43
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 ad-exchange.js Show response
gamma.cachefly.net/js/ 8 KB
3 KB 1049ms
18ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://gamma.cachefly.net/js/ad-exchange.js
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8bc47888d38c629485975fa1e1f57bf5166fd24880bebf2fdaa4ccd190313f47

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:00 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 604800.000
x-cf1: 16114:fB.ams1:co:1615366953:cacheN.ams1-01:H
gamma-cdn: srv_178
content-length: 2563
x-cf-tsc: 1615366957
x-cf2: H
last-modified: Wed, 10 Mar 2021 07:30:07 GMT
server: CFS 0215
x-cff: B
etag: W/"6048757f-1eed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf4age: 20
accept-ranges: bytes
x-cf-rand: 77.784
expires: Wed, 17 Mar 2021 17:28:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE9D 42 B
154 B 38ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BcTQJtopF7OWdWMJahhZMhIglSdCMnzVeWEktgazXzIWF5zIe3KHHzxTsEDeliKBT-LY0vhL8V8z0SACNgN2cNsf-9g_0P1xhL-s-hALxz1qs4Ml0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=1337934782&adk=180678796&adf=226184560&pi=t.ma~as.1337934782&w=300&lmt=1615915679&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915678943&bpp=11&bdt=9292&idt=99&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1338956514774&frm=20&pv=2&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0nBK2DYLmd&p=https%3A//2sao.vn&dtd=122

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame FE9D 2 KB
1 KB 39ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 17:04:39 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE9D 112 KB
34 KB 77ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615840882416834"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 17:28:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame FE9D 13 KB
6 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 17:21:58 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6743 286 B
443 B 17ms
16ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCevu-5AhiBxoWeATAB&v=APEucNUFnEvWW3Oeky542qmh5RuqR5kyVwE6pyPS23dxKYsR1gl9Zw55lORpbywtIRQdZl93olYyDZZVilutvqlCRb886s1vZ6qogUznj53C7EmQvc3MJ7C67OfPKosCvhNMzzNYP9NP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8968c474def847cbb78da5635e03dffc060c826a0b2b9fdc5981359859cd4874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJC1NBCevu-5AhiBxoWeATAB&v=APEucNUFnEvWW3Oeky542qmh5RuqR5kyVwE6pyPS23dxKYsR1gl9Zw55lORpbywtIRQdZl93olYyDZZVilutvqlCRb886s1vZ6qogUznj53C7EmQvc3MJ7C67OfPKosCvhNMzzNYP9NP
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=1337934782&adk=180678796&adf=226184560&pi=t.ma~as.1337934782&w=300&lmt=1615915679&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915678943&bpp=11&bdt=9292&idt=99&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1338956514774&frm=20&pv=2&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0nBK2DYLmd&p=https%3A//2sao.vn&dtd=122
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=1337934782&adk=180678796&adf=226184560&pi=t.ma~as.1337934782&w=300&lmt=1615915679&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915678943&bpp=11&bdt=9292&idt=99&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1338956514774&frm=20&pv=2&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0nBK2DYLmd&p=https%3A//2sao.vn&dtd=122

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 16 Mar 2021 17:28:00 GMT
server: cafe
cache-control: private
content-length: 151
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUmlRLaR5_VVBphFAkXFDnq9HvhGFZDpZ1iQmdzP2OiZ8DW60etVIpFrg0j1; expires=Sun, 10-Apr-2022 17:28:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 17:28:00 GMT

GET
H3-Q050 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FE9D 39 KB
19 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLS4BlKfjIdnyau9Ng1kjFVKSrwe0Or8nosVdLqll87JG-S6K2QtQJy0_dx1hkf6M1HM4DvTSye9sjdpBdc3XSK378ZSSElXbvqmsJV5n7d7zhnjw61EyotY1lm2Z0WyaQiWpjD2D9SxW1XDK7MCaMVr7whA&dbm_d=AKAmf-Dk7hwbQSCNOrGdtVjhv4Zq4BAOtq-o_XjjmIAoyhNh1BEHIXSiYxDz1xFfKkSkBj7-K69-GDIF0_d6zHSpSQJwt-KI_NOg5f8UFMk-wZAvM_WPZn_7psl0GJ-LszI0JXMAOe5OTT2vxZCVv4L-ekepUbslreKqNnwPSaSZv-dDsCF0zeii6MzuN_2TzAUsiNujHv_pYlvdAGXVdG7xwM74uK_AB9i2hPm7-V7Y_dCV75mNtCYPKDAX8v9C7ZtrdAdOTSA-ROeXwY73Zv1fUx6Bf6JgV_3YjwUruHvuN_65BWltJ09CEoLA7uGb7X21P15FbSq5VNtRHaaEy6XDs0nu4a2S-cH5MdOdg5uP9a5Nh28K9mdAx0YLYrh1FNvHOWAKKouvVFeEq992tD-m2dB_QqlYYXGLgjzjH_1Ptq5xZqppPtEEEPv_68yNmP7oFnp6SiogxfhU7L6ReVmOR5Vmk6G4JvDxqZ-EdaWahkJLgVzQNl9tK16ok61ZM_WCDCa8a0MMD2JG1I9oR9xmnZwgEqN_AMVjuk7HUlkBem8uyP2T4tV-rH_LthvGs8Q-5UnFl38Eof3XksMbW4d4jDXfW1PUtsc38aC3j_VWLjekV9NGB3tulVDsVxeludzj0UUVn9NGchxSPXkpx5izZkxOCDj3iPP7WnlPdv24hwnr6zov6L27bkXn_PyMNCS7Zp-bt6b3K5D1dbYfITL0UnraOaFIZpo9keeb-PJAY3jLhGCBL-d8_DCrBT3RNY5FFCQ4p7A1JA0cXuEuKLAl_pyDY3Rt4VU8zB9Xas2jVl4MoILann1GX9K4TdF13E5dGhpLLsSZRjlMXPqTPuWpp2cEvem9Dg0wOfIjhou-GYGEhat_Hj42gBPBOxMAzEFFmOlypjeQbtbyqLqUDsffGeiHsXjm9rrtwgQYACDk7GRb75n-E9BtiQCe7MvyfyZ7gTliofUyy_lIPRIWlpHwndl0PZcEaO_BeEjWdk4pcIdP-q_sr3LfoNBygIKg_Q6WQxDty4JmMZNVWGabQKllna1a6mWfS1yjgu8_KHaA0gmpemO0zpq0Pg74dQza7qPq0uFmfrmYyISjz3vy8tR1XI14h-q_Fby5uQ4FxXm4Qkom83HtxnxbGxoCtWYzgWIhliH-3_9HF1hxsapiYT65nXlSGbCo7ksBwPVtw4ghBC9enxrRaPXxK-zOEhU1z2--In5a9gQQMPBVLGznjtxolTpGTNFOjHLSWnkEXzQrJZDDGGjDEZXjmHRTprmTKtfkKDsCeexdJ3MIo7GKUmWHsxR8mj6rSzLxUnHjNewaxLIzWflWok8yFXfx07RBG9Q_hl0Sy15MSmItJhI4or4vtNMQxcxKLH2p9oCfi6EOrVidAHVY6zNzrEN83ZwKQTDgoH8OnkLpxk3Fdc-u2XdLWxwUh_1asb81HvTgXNgpH4nrPLZos9mcMrBVq-l9maSYFhPfpxMMSmcCg_h1Y8_PLxjcScEZ1qoD8QK5xW6J03WHDPcJUhOhSrNlq3mlZR_GNrE3ol-JPcdYi__9zHg73UoNhSlntsJeh_m2B44osHXF8uxSYGt_F2LVuAVyF6vNT2sZx3JRpvK8sgNUkc54tqT1tZoRNhdihg3nHTO3xysRhS4eXWt9dgsSsLgkNK48R8vsiBMpe_8rexVmdnET0zTw_DMSCZAd08RrZc5qcpfxEveiWD5bdOodakAuxMZIn__XNke4KyHZNkby6708cNzm0kZs41RlDRfzHvNJzBRWGNHX24hd_pZ9UzozkQCsFXAdyFY3hcgvtthGrINms3pVXHbk1AY5G7NFaj-yPryJGzLlHKgPAmSt2mgKErSpmNeDoUX2TaRV2sd4OqBsjFhpz6AA39Oudy9100DcdSL1keTCn0qUB1KQJVL_SH1JJJmnu5mWgbrY1NU2pstrDMA7l4ZdbTIoom5wBYtAUg_5rEF_eMhyliPld865AdPJcj4cMK5H5bDpxuPfs8EjsxkdBsqXUY1hOX-YkHpPRc2SNoAvgOQRdnPCUn6gOrcmAbCSNSe5zME9kEn6w9-nTaM_T40WSTamQPvdrdgufr2LnZVQNXWlXewf8A13srXqGGN95ffkeRliVTxgF0e4JNKlh0Sqlo1yg7WLu4JdHaOIE8TZOwSzVTmBsysbKECxdiNcAjetaSbc3rZiyUIm1ayUTC5OSTdnstFtu41hHnsh0m1naOMn8pjZTrww7enSUaI9YVmUio5KOOM208PFUzkP6qmjS7-CVywpcoUxEI17E5pXhQPUEvEQ6OzfYt8RcmT2ZRP9u18u7I599Hy4rxouyBxldD03T6CebUM3UakKhvzVhCoHVnIrMBeO03rQ9HBO6v9d6HF_s0Tk9qd-A3guL28chQ2iHve087BysKo4E3m7jLTBNU3zT5MNyJB4tZnaf6FnBWndYAwqo48Ak6Xd63RjBMUOVT7LqTAPgSQLYMNgsgohYzLoQa6Y28aMeWFfAyCe7nEICnWzj3CgOoQCxbqkbxBLMflTyeWUQkZq7ORBTFOBPBgebR-oKK1xbJeUtVhjleYDzAPCk_Bja9u7ygVq3W9475cBevHrg3DNFMSmZxxXjX1a7S75KQI9SFM8M0Z-FrbKlOazfDKqDS0ldoDRtl42FUqzTVXGjCXjS3IH4RkNqvgSC46dNCqFRvmkPG4K_O4CkkLIaHI616lkP2nVsR7_b5-XJmCQaerfv5IVoLzww8hs4lZ__L8_37m9-pfs9eMVrNxentR_gyruep0eoHfG0hHP16lpK-KtWKyDOlUWVqsbiDNnW9xH9KQejaOc_lFVYdd_32u1nBNNud8sZVrZvqRh3uivIwnR4h7RCQmDhfHRKWyDNAnIn5aq30NkY3xSWiX2s7kc6gC7RIi1bnefltR_kWWXJ_ZdcyHybvuZZk7P4vUwJP-WbcImWaCEtZCriwxEjxjKKWitacpw16FfAyuN2zG262gsvEKpNeJYWphmSEqhNYj4qnKI6Z3lgMck48LLuDi8UE9a-x3rWg&cid=CAASBORozWU&rfl=1%2Chttps%253A%252F%252F2sao.vn%252F%240

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

667a6effbccc704c4738957b6a84b3abec072b061e7297c335a233b647df3e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=1337934782&adk=180678796&adf=226184560&pi=t.ma~as.1337934782&w=300&lmt=1615915679&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915678943&bpp=11&bdt=9292&idt=99&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1338956514774&frm=20&pv=2&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0nBK2DYLmd&p=https%3A//2sao.vn&dtd=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18722
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
tag.gammaplatform.com/adx/request/ 3 KB
3 KB 924ms
308ms Script
application/x-javascript 54.255.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.gammaplatform.com/adx/request/?wid=1407117130&zid=1563437432&urf=&zt=&cb=188710/

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.255.154.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

64569ba1c17cd1f81d7b5ece5897089069d2360ca5dfe540711bf7657c546245

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-javascript
server-time: 1.1(DD).1(B).1(W).1(CB).1
x-server: AdEx-App128
strict-transport-security: max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6743 170 B
506 B 90ms
35ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCevu-5AhiBxoWeATAB&v=APEucNUFnEvWW3Oeky542qmh5RuqR5kyVwE6pyPS23dxKYsR1gl9Zw55lORpbywtIRQdZl93olYyDZZVilutvqlCRb886s1vZ6qogUznj53C7EmQvc3MJ7C67OfPKosCvhNMzzNYP9NP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame 6743
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_sc&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEFvmri6pR0j8KFMbaEAc0z0&google_cver=1

43 B
183 B

268ms
88ms

Image
image/gif

2600:1f18:612b:4200:28fe:9b27:fbc6:f054
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEFvmri6pR0j8KFMbaEAc0z0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCevu-5AhiBxoWeATAB&v=APEucNUFnEvWW3Oeky542qmh5RuqR5kyVwE6pyPS23dxKYsR1gl9Zw55lORpbywtIRQdZl93olYyDZZVilutvqlCRb886s1vZ6qogUznj53C7EmQvc3MJ7C67OfPKosCvhNMzzNYP9NP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:28fe:9b27:fbc6:f054 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:00 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEFvmri6pR0j8KFMbaEAc0z0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame FE9D 21 KB
8 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLS4BlKfjIdnyau9Ng1kjFVKSrwe0Or8nosVdLqll87JG-S6K2QtQJy0_dx1hkf6M1HM4DvTSye9sjdpBdc3XSK378ZSSElXbvqmsJV5n7d7zhnjw61EyotY1lm2Z0WyaQiWpjD2D9SxW1XDK7MCaMVr7whA&dbm_d=AKAmf-Dk7hwbQSCNOrGdtVjhv4Zq4BAOtq-o_XjjmIAoyhNh1BEHIXSiYxDz1xFfKkSkBj7-K69-GDIF0_d6zHSpSQJwt-KI_NOg5f8UFMk-wZAvM_WPZn_7psl0GJ-LszI0JXMAOe5OTT2vxZCVv4L-ekepUbslreKqNnwPSaSZv-dDsCF0zeii6MzuN_2TzAUsiNujHv_pYlvdAGXVdG7xwM74uK_AB9i2hPm7-V7Y_dCV75mNtCYPKDAX8v9C7ZtrdAdOTSA-ROeXwY73Zv1fUx6Bf6JgV_3YjwUruHvuN_65BWltJ09CEoLA7uGb7X21P15FbSq5VNtRHaaEy6XDs0nu4a2S-cH5MdOdg5uP9a5Nh28K9mdAx0YLYrh1FNvHOWAKKouvVFeEq992tD-m2dB_QqlYYXGLgjzjH_1Ptq5xZqppPtEEEPv_68yNmP7oFnp6SiogxfhU7L6ReVmOR5Vmk6G4JvDxqZ-EdaWahkJLgVzQNl9tK16ok61ZM_WCDCa8a0MMD2JG1I9oR9xmnZwgEqN_AMVjuk7HUlkBem8uyP2T4tV-rH_LthvGs8Q-5UnFl38Eof3XksMbW4d4jDXfW1PUtsc38aC3j_VWLjekV9NGB3tulVDsVxeludzj0UUVn9NGchxSPXkpx5izZkxOCDj3iPP7WnlPdv24hwnr6zov6L27bkXn_PyMNCS7Zp-bt6b3K5D1dbYfITL0UnraOaFIZpo9keeb-PJAY3jLhGCBL-d8_DCrBT3RNY5FFCQ4p7A1JA0cXuEuKLAl_pyDY3Rt4VU8zB9Xas2jVl4MoILann1GX9K4TdF13E5dGhpLLsSZRjlMXPqTPuWpp2cEvem9Dg0wOfIjhou-GYGEhat_Hj42gBPBOxMAzEFFmOlypjeQbtbyqLqUDsffGeiHsXjm9rrtwgQYACDk7GRb75n-E9BtiQCe7MvyfyZ7gTliofUyy_lIPRIWlpHwndl0PZcEaO_BeEjWdk4pcIdP-q_sr3LfoNBygIKg_Q6WQxDty4JmMZNVWGabQKllna1a6mWfS1yjgu8_KHaA0gmpemO0zpq0Pg74dQza7qPq0uFmfrmYyISjz3vy8tR1XI14h-q_Fby5uQ4FxXm4Qkom83HtxnxbGxoCtWYzgWIhliH-3_9HF1hxsapiYT65nXlSGbCo7ksBwPVtw4ghBC9enxrRaPXxK-zOEhU1z2--In5a9gQQMPBVLGznjtxolTpGTNFOjHLSWnkEXzQrJZDDGGjDEZXjmHRTprmTKtfkKDsCeexdJ3MIo7GKUmWHsxR8mj6rSzLxUnHjNewaxLIzWflWok8yFXfx07RBG9Q_hl0Sy15MSmItJhI4or4vtNMQxcxKLH2p9oCfi6EOrVidAHVY6zNzrEN83ZwKQTDgoH8OnkLpxk3Fdc-u2XdLWxwUh_1asb81HvTgXNgpH4nrPLZos9mcMrBVq-l9maSYFhPfpxMMSmcCg_h1Y8_PLxjcScEZ1qoD8QK5xW6J03WHDPcJUhOhSrNlq3mlZR_GNrE3ol-JPcdYi__9zHg73UoNhSlntsJeh_m2B44osHXF8uxSYGt_F2LVuAVyF6vNT2sZx3JRpvK8sgNUkc54tqT1tZoRNhdihg3nHTO3xysRhS4eXWt9dgsSsLgkNK48R8vsiBMpe_8rexVmdnET0zTw_DMSCZAd08RrZc5qcpfxEveiWD5bdOodakAuxMZIn__XNke4KyHZNkby6708cNzm0kZs41RlDRfzHvNJzBRWGNHX24hd_pZ9UzozkQCsFXAdyFY3hcgvtthGrINms3pVXHbk1AY5G7NFaj-yPryJGzLlHKgPAmSt2mgKErSpmNeDoUX2TaRV2sd4OqBsjFhpz6AA39Oudy9100DcdSL1keTCn0qUB1KQJVL_SH1JJJmnu5mWgbrY1NU2pstrDMA7l4ZdbTIoom5wBYtAUg_5rEF_eMhyliPld865AdPJcj4cMK5H5bDpxuPfs8EjsxkdBsqXUY1hOX-YkHpPRc2SNoAvgOQRdnPCUn6gOrcmAbCSNSe5zME9kEn6w9-nTaM_T40WSTamQPvdrdgufr2LnZVQNXWlXewf8A13srXqGGN95ffkeRliVTxgF0e4JNKlh0Sqlo1yg7WLu4JdHaOIE8TZOwSzVTmBsysbKECxdiNcAjetaSbc3rZiyUIm1ayUTC5OSTdnstFtu41hHnsh0m1naOMn8pjZTrww7enSUaI9YVmUio5KOOM208PFUzkP6qmjS7-CVywpcoUxEI17E5pXhQPUEvEQ6OzfYt8RcmT2ZRP9u18u7I599Hy4rxouyBxldD03T6CebUM3UakKhvzVhCoHVnIrMBeO03rQ9HBO6v9d6HF_s0Tk9qd-A3guL28chQ2iHve087BysKo4E3m7jLTBNU3zT5MNyJB4tZnaf6FnBWndYAwqo48Ak6Xd63RjBMUOVT7LqTAPgSQLYMNgsgohYzLoQa6Y28aMeWFfAyCe7nEICnWzj3CgOoQCxbqkbxBLMflTyeWUQkZq7ORBTFOBPBgebR-oKK1xbJeUtVhjleYDzAPCk_Bja9u7ygVq3W9475cBevHrg3DNFMSmZxxXjX1a7S75KQI9SFM8M0Z-FrbKlOazfDKqDS0ldoDRtl42FUqzTVXGjCXjS3IH4RkNqvgSC46dNCqFRvmkPG4K_O4CkkLIaHI616lkP2nVsR7_b5-XJmCQaerfv5IVoLzww8hs4lZ__L8_37m9-pfs9eMVrNxentR_gyruep0eoHfG0hHP16lpK-KtWKyDOlUWVqsbiDNnW9xH9KQejaOc_lFVYdd_32u1nBNNud8sZVrZvqRh3uivIwnR4h7RCQmDhfHRKWyDNAnIn5aq30NkY3xSWiX2s7kc6gC7RIi1bnefltR_kWWXJ_ZdcyHybvuZZk7P4vUwJP-WbcImWaCEtZCriwxEjxjKKWitacpw16FfAyuN2zG262gsvEKpNeJYWphmSEqhNYj4qnKI6Z3lgMck48LLuDi8UE9a-x3rWg&cid=CAASBORozWU&rfl=1%2Chttps%253A%252F%252F2sao.vn%252F%240

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ec9f79b65c569ced21e12e2d405be370d6bf5ada72c410aba8386d30977de18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0
server: cafe
etag: 13855568932611873204
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 17:27:30 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/ Frame FE9D 8 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 17:20:16 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FE9D 0
484 B 122ms
68ms Other
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugrbU-JHHY1UzQsxmHwTv5mCoe2KrJ9E2VLbbyPahW4tlVwmpZRLVySXjWKoje4AZRTczqTJNjUrG7l9YUUmd2MazjFEepfNYLKaoT_Q6qo_jCycbj-QLHClyLBg9XyIwXZCdhOzWbvsNgL-MeCW1Pd-gCJNJcaGS8NwjhXtJfeMIdmpfpitKsKLZFBfTFi64EDRvKBXpJpdShOI0FdpVq590H0Q1YzxOVYIkDA1JjjnUbl10elnhrEWr1GgN_L5sK0-_JJU9LY4IYOXPDix56g1N1_wLNerwMmk0wYeDCYYzqjmNB5c3VQDpPiuWxUfthiG4xvXjghWsBLyDL4Ay1SjqCdNIyucNx-DqsJZzA7azPi0xxIkHENh5Btw_OpGbxIht5HbIcel7y7vzq-RoqNl7K9v4y5lpJ3U4rpdNHET7w1W0yjphcCfNfl4Mp-MBRk3Q5mAO3SIQB-Oso8JiUuYTd5Luc8_qaRxjS9-vB_HZYPTPVI2cpgvDovr--47yKwfd0im_SLEcRHvYPZbLQeFB6zbn_ywNdWaY03oTKrARKCV2-UdF8PyxBg1zzG3Wc0o1IDr9nIg_gpzBlBLz6w-oPcP1Hg4JhaDz17wpDoyRdZFijgyL8nE9mN18UxNaZUr5PnpdTduSSMlY6mFgYTHxCo_fLnFnuWcYX0a1vFsxlH9BD1fXvJV_8Z42VogKcgxxAj8ndMnyscsYFcldQsGbZkV5pZjerJ4QlRBwy64Pc4rUjiVmpACgCyzr3sl-6C1f9nQr0qrhquHPuevZfh_GMbMtcmPSZ4DkT_tW9gxpVsomESI8qkgn7QHYtc4wmSbr29SnEnBHNLToL6CEPOQZ0BACej-HJLEiyrQZOYNICbOEjFjxS6E2AU1nFnOJnJIN5yvmFEobVCw7ut2Nl9sHuU6UA5qpotN8nc_PkkhY1SsG6jMNO1Wl06a43RspuIawz598kGdW-bIUvnMb_dzoX0Wi0xmWKMQYcD8VM3RI0o1PpjwZBznxTNtaPr-5TUwyIpPWJAckq7xJCzV345DE0xjlrFk9hFruv&sai=AMfl-YQFllr0hC_qjDk3obIOaYTfc_MyQ2ZCJsDABo9Rn3NrRisqw1UwtzZTpp6wDJ2hfSqMBKhQzylXu0ft_GogE4xXrJMZjqKjSTp1Egy3dyiXpK7ohhMr_8OFvm5fs5DyU4Bn&sig=Cg0ArKJSzANdKR9A3NSREAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210310.23484&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Mar 2021 17:28:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FE9D 41 KB
15 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284309
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 10:29:31 GMT

GET
H2 200 300x250-MS-Accounting-Ad.jpg
s0.2mdn.net/10697887/ Frame FE9D 20 KB
20 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10697887/300x250-MS-Accounting-Ad.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b219f24bedeb42ce7a6705e4e46c11dd30ec307856b8c5edc9ebfd37e5e18d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:30:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 18:53:25 GMT
server: sffe
age: 10624
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20143
x-xss-protection: 0
expires: Wed, 17 Mar 2021 14:30:56 GMT

GET
DATA 200
OK truncated
/ Frame FE9D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25c5751b025dbac94ec66f2b65364ea6036d5cb3c08e73dfb71422c87496684a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FE9D 0
55 B 59ms
58ms Other
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 57A1 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 13 Mar 2021 10:29:33 GMT
expires: Sun, 13 Mar 2022 10:29:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 284307
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 57A1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 89596
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Tue, 15 Mar 2022 16:34:44 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57A1 0
25 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1r3ioOpQYJ_cEcny-gaH5LHoAgAAAAA4AeAEAg&bg=!-Pul-7jNAAUO7zDoDjsAKQB2-Dxa_u9QDmOCpSxvDoZWzwuPfl2ltvQi0tE1X3p-5s4IlnKo0wIGAgAAAIJSAAAADWgBBwoAplllqRoajaZx1bQsyeoTLJXQje2IyVEErsNbhNf8KKvrEDWpN0XRHXroFt7QrYyC62D53J2-eVElBwySZJEdVU2picywgX1OwhSlfiSU2MPXxRdzV3grCC8RgUkwhhYuFbmvrp2MOM_NtzH9xdbGgulhVszQIcV3v7Td0gUnIVWvesQQQLNhIjM9R_i6PxFZDjN_As8j9FOJR_P7CQB_8yExh3z7KySZAk_18ngngbwF62ljD8qS4yXvokxApocYfdpD1g0IAqlYFJpItMwKlKiSmRR8mH09Dmj-WsYNghawl3PKEGmOWZ4N9o9h6lEAHPvF_qKJsqhxBoHec6eSB7KjUmHwYXaj2EhRY62wAEpviBX0a5buanJumvlj9_Ogkif3Lal9ciyjnPnLH8qAvNUh2vaXeCzLpQEbuLk_kP7Yl5hw0OLkM12tFQX56Pa4gi2A_f7mbsheiVEwAcIhEy6yKlnXSgrvtMnmhsf6lVGNkJ_QNLlGs_iOQwBZod-7s3G2lYyBpXgbpipXFKLWhWKEGTcjex-4vmQDM3GdrPGQnsbj9-5LaewBLbEN4K-DeZBS0E7a-Sv1WG3Ch2GF9RXGEQT6i7tBjs4R8Vb8imDMEW1BSAAVk6vNgsYZHD7Y9D6sGs-ze-wbAhb877JWp5oK_kEF5PUcCurS_vBtXlKpO298x1vWRxJvlVcfIgeV6n6rnF5Qgtzhj87gVa5GFxsm52dv8c-lhqV1CBZCCn9Fq38-b45MJ2_hZWICMIB8uFz3TvACcufK4R4lAVaiWHpVXyCN8f6K-LO7fo_vumZsyuY_fxPI6q9tUvHvRYtKeYlrpkvi3yT0g0LCC5GT0doriIEyJD_p_90m7EDmSIeAxgDzeVvKrif-G8UMbSAtkFcihPb5jWt0Q-ppk5SX7LFUYNh94iBjrjp2z_h2hvjIHjhkr9VtsG72ffahf2oRpJHmZ6O8_bSBgieg0d23c3lNZDNW-yqQHg1LPtPJTpCEoBQZ2kfg8oc

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5E19 8 KB
3 KB 89ms
28ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Content/v2/lib/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://2sao.vn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=62635
Expires: Wed, 17 Mar 2021 10:51:56 GMT
Date: Tue, 16 Mar 2021 17:28:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 91CC 8 KB
3 KB 88ms
27ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Content/v2/lib/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://2sao.vn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=62635
Expires: Wed, 17 Mar 2021 10:51:56 GMT
Date: Tue, 16 Mar 2021 17:28:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 cc_ssp_new.js Show response
cdn2.cache.vn/banners/sspAnetTest/ 34 KB
12 KB 993ms
242ms Script
application/javascript 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.cache.vn/banners/sspAnetTest/cc_ssp_new.js
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: 3cc8de9565f70673f6ac39fafe569feb02a07ff8ae9125bd22d51ea1b6e59462

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Mar 2021 17:27:04 GMT
content-encoding: br
last-modified: Mon, 21 Sep 2020 07:12:05 GMT
server: nginx
etag: W/"5f685245-8946"
geoip_country_code: VN
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
cache-control: max-age=1209600
access-control-allow-headers: Range
x-cached: HIT, HIT
expires: Tue, 30 Mar 2021 17:27:04 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
2 KB 66ms
25ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1407117102&s=http://2sao.vn&x=gammassp&nci=&adtg=1563437432&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1407117130&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 02:12:04 GMT
server: cloudflare
age: 4868
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 630fb20fdbb5fa28-AMS
content-length: 1146
cf-request-id: 08ddad9de80000fa283bae5000000001
expires: Tue, 16 Mar 2021 19:28:01 GMT

GET
H2

200

recv
cm.gammaplatform.com/adx/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ambient-digital&ttd_tpi=1
https://cm.gammaplatform.com/adx/recv?pid=5&uid=5ecb7fda-ddc5-427b-92a8-ab6dae7d0bdc

43 B
195 B

917ms
325ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=5&uid=5ecb7fda-ddc5-427b-92a8-ab6dae7d0bdc

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 127
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.gammaplatform.com/adx/recv?pid=5&uid=5ecb7fda-ddc5-427b-92a8-ab6dae7d0bdc
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2

200

recv
cm.gammaplatform.com/adx/
Redirect Chain

https://x.bidswitch.net/sync?ssp=ambient
https://x.bidswitch.net/ul_cb/sync?ssp=ambient
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dambient%26bsw_param%3Db87bf0be-8c16-43be-928c-bc9cb9eabc4d
https://x.bidswitch.net/sync?dsp_id=80&user_id=66e16050-eaa1-4700-ba8c-5e56cbef3b9b&expires=30&ssp=ambient&bsw_param=b87bf0be-8c16-43be-928c-bc9cb9eabc4d
https://cm.gammaplatform.com/adx/recv?pid=7&uid=b87bf0be-8c16-43be-928c-bc9cb9eabc4d

43 B
194 B

883ms
324ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=7&uid=b87bf0be-8c16-43be-928c-bc9cb9eabc4d

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 42
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

location: //cm.gammaplatform.com/adx/recv?pid=7&uid=b87bf0be-8c16-43be-928c-bc9cb9eabc4d
date: Tue, 16 Mar 2021 17:28:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

recv
cm.gammaplatform.com/adx/
Redirect Chain

https://gocm.c.appier.net/ambient
https://cm.gammaplatform.com/adx/recv?pid=10&uid=HCQwC4U7AXKsXIlCoepQYA

43 B
194 B

330ms
328ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=10&uid=HCQwC4U7AXKsXIlCoepQYA

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 38
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

location: https://cm.gammaplatform.com/adx/recv?pid=10&uid=HCQwC4U7AXKsXIlCoepQYA
date: Tue, 16 Mar 2021 17:28:01 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 98
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

recv
cm.gammaplatform.com/adx/
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=gaj
https://cm.gammaplatform.com/adx/recv?pid=31&uid=qa5wudkfdts

43 B
195 B

324ms
323ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=31&uid=qa5wudkfdts

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 222
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

lws: 103
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0
date: Tue, 16 Mar 2021 17:28:02 GMT
location: https://cm.gammaplatform.com/adx/recv?pid=31&uid=qa5wudkfdts
cache-control: no-store
accept-encoding: utf-8
content-length: 0

GET
H2

200

recv
cm.gammaplatform.com/adx/
Redirect Chain

https://cm.gammadsp.com/cm/send?vc=gdj
https://cm.gammaplatform.com/adx/recv?pid=50&uid=qa5wudt5obj

43 B
194 B

325ms
324ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=50&uid=qa5wudt5obj

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 35
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

lws: 71
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0
date: Tue, 16 Mar 2021 17:28:02 GMT
location: https://cm.gammaplatform.com/adx/recv?pid=50&uid=qa5wudt5obj
cache-control: no-store
accept-encoding: utf-8
content-length: 0

GET
H2

200

tpid=pznyu21y0ffy
bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13633/tp=GMMA/tpid=pznyu21y0ffy
https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=pznyu21y0ffy

49 B
807 B

76ms
76ms

Image
image/gif

34.245.253.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=pznyu21y0ffy
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.253.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-253-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.191
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=pznyu21y0ffy
cache-control: no-cache
x-server: 10.45.5.58
content-length: 0
expires: 0

GET
H2

200

sync
d.gammaplatform.com/ltm/
Redirect Chain

https://ad.crwdcntrl.net/5/c=13633/pe=y?https%3A%2F%2Fd.gammaplatform.com%2Fltm%2Fsync%3Fsegs%3D%24%7Baud_ids%7D
https://d.gammaplatform.com/ltm/sync?segs=

43 B
194 B

983ms
323ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.gammaplatform.com/ltm/sync?segs=

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 35
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://d.gammaplatform.com/ltm/sync?segs=
cache-control: no-cache
x-server: 10.45.10.147
content-length: 0
expires: 0

GET
H2 200 Ad Show response
vads.net.vn/ 1 KB
2 KB 252ms
251ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=13&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: f4f5460ec0235f100afd1a88d2bae013fcda8989f5b385bcdf61b211b535b2aa

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 232
content-length: 1342
expires: -1

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 34ms
33ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1615915681276&ver1=2.2.3&qid=83432313f553532313f5435393&rnd=o4jyzwssi7bi&cid=954
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1407117102&s=http://2sao.vn&x=gammassp&nci=&adtg=1563437432&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1407117130&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 04:05:26 GMT
server: cloudflare
age: 4530
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 630fb2100c21fa28-AMS
content-length: 23972
cf-request-id: 08ddad9e0c0000fa2819b13000000001
expires: Tue, 16 Mar 2021 19:28:01 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EB3B 37 KB
14 KB 43ms
42ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=58178
Expires: Wed, 17 Mar 2021 09:37:39 GMT
Date: Tue, 16 Mar 2021 17:28:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1F41 37 KB
14 KB 35ms
35ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=58178
Expires: Wed, 17 Mar 2021 09:37:39 GMT
Date: Tue, 16 Mar 2021 17:28:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
445 B 33ms
12ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1615915681339814&ver=1.2r81&qid=83432313f553532313f5435393&p=&s=&x=&cid=954&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=o4jyzwssi7bi&impid=&tps=99&ver1=2.2.3&1=ddb857c6c4d475116165c5b0aedc696a&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=954&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=20&icp=https%253A//2sao.vn/&irfl=0&irf=&cty=4&fcs=1&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_9.5_undefined_null_0_undefined_false&fli=3429136985&flerr=0-51-27-v8&trim=&fio=50
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 02:11:56 GMT
server: cloudflare
age: 3676
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 630fb210dd4e4a8b-FRA
content-length: 26
cf-request-id: 08ddad9e8700004a8be7246000000001
expires: Tue, 16 Mar 2021 19:28:01 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame EB3B 2 KB
3 KB 99ms
24ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=75118282&p=159249&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b1567e619d2f9ecb23c346f0681221d3ae16ea01d53271b5ab1ddd2b8bf0c1c7

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:01 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 1FBA
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4613369655499756709

42 B
769 B

28ms
26ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4613369655499756709
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=75118282&p=159249&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=159249:2; KADUSERCOOKIE=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1; chkChromeAb67Sec=1; DPSync3=1617062400%3A227_226_221_201; SyncRTB3=1617062400%3A220_21_13_161_54%7C1617148800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 16 Mar 2021 17:28:01 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-4613369655499756709; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 15-Apr-2021 17:28:01 GMT; path=/ PugT=1615915681; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 15-Apr-2021 17:28:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 14-Jun-2021 17:28:01 GMT; path=/
X-lat: lhrpug011:0:676
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4613369655499756709
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 88F3 43 B
326 B 55ms
17ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=75118282&p=159249&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 16 Mar 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1426
x-powered-by: ASP.NET
date: Tue, 16 Mar 2021 17:28:00 GMT
content-length: 43

GET
H2 200 recv Show response
cm.gammaplatform.com/adx/ Frame 27B5 43 B
194 B 792ms
323ms Document
image/gif 52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.gammaplatform.com/adx/recv?pid=53&uid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: cm.gammaplatform.com
:scheme: https
:path: /adx/recv?pid=53&uid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _aUID=pznyu21y0ffy; _aGeoIp=NL|Amsterdam; _aCMP_5=3; _aCMP_7=1; _aCMP_10=1; _aCMP_31=2; _aCMP_35=0; _aCMP_50=1; _aCMP_53=0; _aCMPD_1=1; _aCMPD_2=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-encoding: gzip
accept-encoding: utf-8
lws: 90
content-type: image/gif
content-length: 51
time-ms: 0
date: Tue, 16 Mar 2021 17:28:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=naKxr4MfTq6B8w9_ypuN4Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

46ms
45ms

Image
text/html

104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=62635
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Wed, 17 Mar 2021 10:51:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame EB3B 95 B
595 B 47ms
24ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 630fb211afff4eaf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08ddad9f0c00004eaf7b008000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame EB3B
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

41ms
41ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:59 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:27:59 GMT
frontend-id: 13
location: /pubmatic/1/info2?sType=sync&sExtCookieId=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame EB3B
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&addseg=17

7 B
147 B

60ms
18ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&addseg=17
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:01 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Tue, 16 Mar 2021 17:28:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9DA2B1AF-831F-4EAE-81F3-0F7FCA9B8DE1&addseg=17
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame EB3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OURBMkIxQUYtODMxRi00RUFFLTgxRjMtMEY3RkNBOUI4REUx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

122ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:01 GMT
X-lat: lhrpug017:0:354
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame EB3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGUUn-Kj-dcrXkRYnnU03e4&google_cver=1

42 B
855 B

98ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGUUn-Kj-dcrXkRYnnU03e4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:01 GMT
X-lat: lhrpug020:0:494
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGUUn-Kj-dcrXkRYnnU03e4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame EB3B 43 B
611 B 80ms
24ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 15 Mar 2021 17:28:01 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame EB3B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5ecb7fda-ddc5-427b-92a8-ab6dae7d0bdc

42 B
882 B

96ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5ecb7fda-ddc5-427b-92a8-ab6dae7d0bdc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:01 GMT
X-lat: lhrpug003:0:552
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5ecb7fda-ddc5-427b-92a8-ab6dae7d0bdc
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 imp-tracking
log.vads.net.vn/ad/ 43 B
286 B 300ms
300ms Image
image/gif 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.vads.net.vn/ad/imp-tracking?action_name=8FvWuXMMmRnMtvtit0wSK4sQAt0Td9rJ0qKLtqChsGsK7z2xqw8m_@$_py1dBrhE2qP2jnwQszUuUUiLaQsMizCy2fF9mtXRG4DWR03opRdRbHXMNwdsVaaRCBixkETVSTFIdcV1LjRbu4fBV2_@$_oTqoD_@$_mfn96MZet3fheAdclaQOuyF4qbVvvqixPbC20NqbX6_@$_d0Wcqd1AmfjZ4swj_@$_fkrbSwsNfNweyO@WyeHDb@GJRetBAiHCyGzKc8ED7pkF@3Tm39EPsCazo4kWdh0WjuNg==
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
backend: 234
server: nginx
content-length: 43
vary: Accept-Encoding
content-type: image/gif

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c401328012b459cc26bf8737289be868980df8e4e17c236e020da437d48810d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49940
x-xss-protection: 0
server: cafe
etag: 14688670678261208085
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 17:28:01 GMT

GET
H2 200 Ad Show response
vads.net.vn/ 1 KB
2 KB 340ms
334ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=17&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: c11d4f4e5b453e924632b510ac0dd6aa46ca67e9445505286b5e366fcfa64339

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 233
content-length: 1255
expires: -1

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 45ms
28ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 45ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5020 399 B
247 B 191ms
189ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=8721996733&adk=1851583187&adf=2616621394&pi=t.ma~as.8721996733&w=300&lmt=1615915681&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915681582&bpp=1&bdt=11931&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ecdfb6b0957aaf0-22d41ca01ba7009a%3AT%3D1615915679%3ART%3D1615915679%3AS%3DALNI_ManTQtUZJ9knTLnGiz55QBJ3N0CmQ&prev_fmts=300x250%2C0x0&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ck8vI0ubXV&p=https%3A//2sao.vn&dtd=17

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

163140a132a9fd8a4b773ba85118a95e8d24cdd7685f23b0dbfa24b9a7177deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0771410550134874&output=html&h=250&slotname=8721996733&adk=1851583187&adf=2616621394&pi=t.ma~as.8721996733&w=300&lmt=1615915681&psa=0&format=300x250&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915681582&bpp=1&bdt=11931&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ecdfb6b0957aaf0-22d41ca01ba7009a%3AT%3D1615915679%3ART%3D1615915679%3AS%3DALNI_ManTQtUZJ9knTLnGiz55QBJ3N0CmQ&prev_fmts=300x250%2C0x0&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ck8vI0ubXV&p=https%3A//2sao.vn&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnC6TtD_fWPyNev073fIkEltHaIpeTjPS80xwt1hAecEmjunQlhswq7OzufLgk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 17:28:01 GMT
server: cafe
content-length: 200
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE9D 42 B
479 B 68ms
54ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLetYlfB-DK5H1rgQghK0L5XJnedQRTLJUMag7BBtK-VvYljMBYXfqKY933debY02-48uFDU6zCJi6DNCDo_yCa5sxoyrh2CVTWX8UtRoqIgWN&sai=AMfl-YTZjKibdCi2RFtkyg4Gkkbdy4ZQfQPYh3IgoqXmjzvhD35XZH0SieykSMW1BjGJAdOcxvBVaw41GH1n&sig=Cg0ArKJSzGkBfQwN4VDzEAE&cid=CAASBORozWU&id=osdim&mcvt=1002&p=117,990,371,1290&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20210315&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=180678796&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615915679069&dlt=1185&rpt=102&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp-tracking
log.vads.net.vn/ad/ 43 B
286 B 255ms
255ms Image
image/gif 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.vads.net.vn/ad/imp-tracking?action_name=al6rniKyyhLM6fgHoCyqb77jD3GvcgUT9Gqj5UfdkjavTsOVmnQ9WUaiIzVDq6NSW2EHTacV1LjBoKrVvTEAoGMTlYLVcNBUcK7Br90KHmQGByCRuImLcxFG03GtJ0RRNB6ehtQVQ7b7B@Q669CmbWURx3dYRmADfKPJZCo5311v0EIgW10351rJJAa1V8ffVV_@$_S6sCUn4yqI7pzmtxo_@$_D0HI7qHTl75KUNcbZ2J7BQNK2piCafRRQlA1ofuPofAKxCbNNuF@ko9m3mwFvfeCQ==
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:02 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
backend: 234
server: nginx
content-length: 43
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 ad-exchange.js Show response
gamma.cachefly.net/js/ 8 KB
3 KB 17ms
17ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://gamma.cachefly.net/js/ad-exchange.js
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8bc47888d38c629485975fa1e1f57bf5166fd24880bebf2fdaa4ccd190313f47

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:01 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 604800.000
x-cf1: 16114:fB.ams1:co:1615366953:cacheN.ams1-01:H
gamma-cdn: srv_178
content-length: 2563
x-cf-tsc: 1615366957
x-cf2: H
last-modified: Wed, 10 Mar 2021 07:30:07 GMT
server: CFS 0215
x-cff: B
etag: W/"6048757f-1eed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf4age: 20
accept-ranges: bytes
x-cf-rand: 77.784
expires: Wed, 17 Mar 2021 17:28:01 GMT

GET
H2 200 / Show response
tag.gammaplatform.com/adx/request/ 1 KB
918 B 308ms
307ms Script
application/x-javascript 54.255.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.gammaplatform.com/adx/request/?wid=1407117130&zid=1595327523&urf=&zt=&cb=641688/

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.255.154.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6ca836b4ecdd2725b996483221d1d6bfa460fe847a69cc4f2c5cbe1be87c7d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-javascript
server-time: 0.1(DD).1(B).1(W).1(CB).1
x-server: AdEx-App127
strict-transport-security: max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
1 KB 51ms
50ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1407117102&s=http://2sao.vn&x=gammassp&nci=&adtg=1595327523&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1407117130&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 02:12:04 GMT
server: cloudflare
age: 4869
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 630fb21659bdfa28-AMS
content-length: 1146
cf-request-id: 08ddada1f50000fa28f1119000000001
expires: Tue, 16 Mar 2021 19:28:02 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 03DC 399 B
247 B 78ms
77ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=4800361039&adk=3710405617&adf=3872338552&pi=t.ma~as.4800361039&w=300&lmt=1615915682&psa=0&format=300x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915682274&bpp=2&bdt=12623&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ecdfb6b0957aaf0-22d41ca01ba7009a%3AT%3D1615915679%3ART%3D1615915679%3AS%3DALNI_ManTQtUZJ9knTLnGiz55QBJ3N0CmQ&prev_fmts=300x250%2C0x0%2C300x250&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=EYi7mq6NLP&p=https%3A//2sao.vn&dtd=11

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a7e6e39b1a376f6403a0b56ec014615cd993d53d6faee8afe99daf1ca22f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=4800361039&adk=3710405617&adf=3872338552&pi=t.ma~as.4800361039&w=300&lmt=1615915682&psa=0&format=300x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915682274&bpp=2&bdt=12623&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ecdfb6b0957aaf0-22d41ca01ba7009a%3AT%3D1615915679%3ART%3D1615915679%3AS%3DALNI_ManTQtUZJ9knTLnGiz55QBJ3N0CmQ&prev_fmts=300x250%2C0x0%2C300x250&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=EYi7mq6NLP&p=https%3A//2sao.vn&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnC6TtD_fWPyNev073fIkEltHaIpeTjPS80xwt1hAecEmjunQlhswq7OzufLgk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 17:28:02 GMT
server: cafe
content-length: 199
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Ad Show response
vads.net.vn/ 2 KB
2 KB 293ms
293ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=18&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 014400650eac8379b4fef87d057ad2fd3ae4a721e6e7ee6a3fcd6caf302a80d2

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:02 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 234
content-length: 1616
expires: -1

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 25ms
24ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1615915682336&ver1=2.2.3&qid=83432313f553532313f5435393&rnd=da8chh7gaoem&cid=954
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1407117102&s=http://2sao.vn&x=gammassp&nci=&adtg=1595327523&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1407117130&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 04:05:26 GMT
server: cloudflare
age: 4531
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 630fb216aa6dfa28-AMS
content-length: 23972
cf-request-id: 08ddada22a0000fa2847a75000000001
expires: Tue, 16 Mar 2021 19:28:02 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
265 B 12ms
11ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1615915682353&rnd=o4jyzwssi7bi&ifm=0&uai=1&cid=954&s=&p=&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//2sao.vn/&impid=
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:02 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 02:11:56 GMT
server: cloudflare
age: 3671
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 630fb216b9414a8b-FRA
content-length: 26
cf-request-id: 08ddada23400004a8ba1110000000001
expires: Tue, 16 Mar 2021 19:28:02 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
114 B 11ms
11ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1615915682382863&ver=1.2r81&qid=83432313f553532313f5435393&p=&s=&x=&cid=954&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=da8chh7gaoem&impid=&tps=134&ver1=2.2.3&1=ddb857c6c4d475116165c5b0aedc696a&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=954&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=20&icp=https%253A//2sao.vn/&irfl=0&irf=&cty=4&fcs=1&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_9.5_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-51-27-v8&trim=&fio=63
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:02 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 02:11:56 GMT
server: cloudflare
age: 3677
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 630fb2174a704a8b-FRA
content-length: 26
cf-request-id: 08ddada29100004a8b898c6000000001
expires: Tue, 16 Mar 2021 19:28:02 GMT

GET
H2 200 external_ad Show response
ssp.qc.coccoc.com/ 278 B
644 B 1223ms
490ms Fetch
text/plain 123.30.175.112
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.qc.coccoc.com/external_ad?ssp_name=24h&location=https%3A%2F%2F2sao.vn%2F&placement=ccadnet_26_28
Requested by: Host: cdn2.cache.vn
URL: https://cdn2.cache.vn/banners/sspAnetTest/cc_ssp_new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.112 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5112e0606ae283b0ffdd7ec913c79a8c86813142aa98d573b0f56e218cb3db03

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Mar 2021 17:28:03 GMT
server: nginx
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://2sao.vn
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Range
content-length: 278

GET
H2 200 imp-tracking
log.vads.net.vn/ad/ 43 B
285 B 243ms
243ms Image
image/gif 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.vads.net.vn/ad/imp-tracking?action_name=8RMmGvXmH@5Wa0n69Wy0q6FilfrK9tVO_@$_G8c7Jb98SERQn26CKK@6Im3bq2hn0Gx8gvgwRaLLjdad1PS5aDel0JIvwNMK8lzhy5T2ftufYvok9@j5jVuuyj8fuKnpiovlK@YFp7TCsiqqtbwQeDTPt1li_@$_tS2LRj4XbG@_@$_3DVAfBTZqcBy06oIruSrq1sTmZpIGc9Ozl9t6yanv4W0t5gFTJTG@yWeGRFxTjXihCvxXFsiM9Bt4RoWdLfRiD2@ojPEgByPIIQ_@$_V6FHmM6vL1mg==
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:02 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
backend: 231
server: nginx
content-length: 43
vary: Accept-Encoding
content-type: image/gif

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c401328012b459cc26bf8737289be868980df8e4e17c236e020da437d48810d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49940
x-xss-protection: 0
server: cafe
etag: 14688670678261208085
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 17:28:02 GMT

GET
H2 200 Ad Show response
vads.net.vn/ 48 B
463 B 277ms
276ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=73&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0141f848a474a376eba8cc7d91da5f268c434d16b8906fc584a8b4ee8aa5412a

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:02 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 230
content-length: 48
expires: -1

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14BC 399 B
401 B 95ms
95ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=5934506399&adk=2003467330&adf=4011520158&pi=t.ma~as.5934506399&w=300&lmt=1615915682&psa=0&format=300x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915682689&bpp=2&bdt=13038&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C300x250%2C300x600&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=OS59eTXJWU&p=https%3A//2sao.vn&dtd=13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

997ab5c567bb631a4c895e150b039ba5e9999e3844586a9a938b5db5c23ed733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=5934506399&adk=2003467330&adf=4011520158&pi=t.ma~as.5934506399&w=300&lmt=1615915682&psa=0&format=300x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915682689&bpp=2&bdt=13038&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C300x250%2C300x600&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=OS59eTXJWU&p=https%3A//2sao.vn&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 17:28:02 GMT
server: cafe
content-length: 198
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Mar-2021 17:43:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 17:28:02 GMT
cache-control: private

GET
H2 200 adgroup Show response
vads.net.vn/ 515 B
692 B 252ms
252ms Script
application/x-javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/adgroup?t=z4-z5&w=2&domain=2sao.vn/cat0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 6eb63831382e10e16fd7ce65dc31dfc06001e70335793be49a851d449c902529

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:03 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
server: nginx
content-length: 515
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8

GET
H2 200 Ad Show response
vads.net.vn/ 1 KB
2 KB 282ms
282ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=4&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: d3f09571e86f8a7ddc6bd6e7639ec4a8211e4b1bf7e556907758d54c4683b1b2

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:03 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 230
content-length: 1388
expires: -1

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
265 B 11ms
11ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1615915683398&rnd=da8chh7gaoem&ifm=0&uai=1&cid=954&s=&p=&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//2sao.vn/&impid=
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:03 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 02:11:56 GMT
server: cloudflare
age: 3672
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 630fb21d4e244a8b-FRA
content-length: 26
cf-request-id: 08ddada64900004a8b92184000000001
expires: Tue, 16 Mar 2021 19:28:03 GMT

GET
H2 200 imp-tracking
log.vads.net.vn/ad/ 43 B
286 B 469ms
469ms Image
image/gif 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.vads.net.vn/ad/imp-tracking?action_name=jyZWGTgQvIwizbQnzQK5ZP48nVE5RyoZbCQPcZg7wptnj@g4E2757MM5PrXd_@$_Unic6J8CHpZapkCJjGT_@$__@$_2xryoFpIvFrbtHSyEsoi7lJj75Jf5l3_@$_whZCn98Qw9i0WePJPLJSZwsdBelUx@YRqFGOAW_@$_8qwI9PSBWHliCmvzDbxtXCjWOH7GHZHN1gs_@$_YLZM5X6Nj4yhYTerqpzt4O6vGNkBc3pUGqUvqZevdfPseTl7MMw6P3VjsuM6J1X3b0eej7rm1d4siDwBlzH@KWexA==
Requested by: Host: 2sao.vn
URL: https://2sao.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:03 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
backend: 233
server: nginx
content-length: 43
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 Ad Show response
vads.net.vn/ 45 B
459 B 242ms
242ms Script
text/javascript 103.21.150.167
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vads.net.vn/Ad?z=5&w=2&domain=2sao.vn/cat0&isvast=0
Requested by: Host: 2sao.vn
URL: https://2sao.vn/Scripts/jquery.writeCapture.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.21.150.167 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: d84f27b13731dff5ce3f51c3f6fd0d7f9c60495384061b56c81cdfee9c150815

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:03 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
backend: 231
content-length: 45
expires: -1

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2sao.vn

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 069E 399 B
408 B 74ms
74ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=2001146221&adk=3130887505&adf=3243823506&pi=t.ma~as.2001146221&w=160&lmt=1615915683&psa=0&format=160x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915683524&bpp=2&bdt=13873&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C300x250%2C300x600%2C300x600&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=130&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8q2mna7mAS&p=https%3A//2sao.vn&dtd=8

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c46a30820b54ea6c3b36d315e8a9f0ffd885cd44e3a080843f0ed9d232ec508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0771410550134874&output=html&h=600&slotname=2001146221&adk=3130887505&adf=3243823506&pi=t.ma~as.2001146221&w=160&lmt=1615915683&psa=0&format=160x600&url=https%3A%2F%2F2sao.vn%2F&flash=0&wgl=1&dt=1615915683524&bpp=2&bdt=13873&idt=2&shv=r20210310&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C300x250%2C300x600%2C300x600&nras=1&correlator=1338956514774&frm=20&pv=1&ga_vid=1053352621.1615915671&ga_sid=1615915679&ga_hid=1513476994&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=130&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737537%2C21068945&oid=3&psts=AGkb-H9vFh2o0KGLYOit3_DdfVN_T0lmNwKXu9GPIPiqVRrUOUM1GaCG6Hc4Sf0YhpVog4ItWtLaXAt9f38B&pvsid=1373439239949565&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8q2mna7mAS&p=https%3A//2sao.vn&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Mar 2021 17:28:03 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUmJzJr37ruXq8dSU6a8mEqwV4iZ0RrSWpYCR1Cg4ObR7Xij3xfhdJnG5ZkZ7lg; expires=Sun, 10-Apr-2022 17:28:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Mar 2021 17:28:03 GMT
cache-control: private

GET
H2 200 get_adm Show response
qccoccocmedia.vn/ Frame 2C8D 9 KB
5 KB 1194ms
480ms Document
text/html 123.30.175.51
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://qccoccocmedia.vn/get_adm?id=b2631d14-b3cf-4160-aa81-3571e15cacde&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Requested by: Host: cdn2.cache.vn
URL: https://cdn2.cache.vn/banners/sspAnetTest/cc_ssp_new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.51 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2b22bae5ed2a880050ca0db2583282c65bdd32c5b4ab059ab825823496d43b60

Request headers

:method: GET
:authority: qccoccocmedia.vn
:scheme: https
:path: /get_adm?id=b2631d14-b3cf-4160-aa81-3571e15cacde&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

server: nginx
date: Tue, 16 Mar 2021 17:28:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: Range
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
pragma: public
content-encoding: gzip

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1F41 37 KB
14 KB 32ms
31ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=58175
Expires: Wed, 17 Mar 2021 09:37:39 GMT
Date: Tue, 16 Mar 2021 17:28:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1F41 4 KB
5 KB 24ms
24ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=40339621&p=158212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 8547cb91200b2da8635c35e70c059091766e562a3ef557ae8eac1afe5bab6bbe

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:02 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF_36dqqtxEZRPuK9rYNHcg&google_cver=1

42 B
855 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF_36dqqtxEZRPuK9rYNHcg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug019:0:383
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF_36dqqtxEZRPuK9rYNHcg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 1F41 43 B
611 B 23ms
23ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=40339621&p=158212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 15 Mar 2021 17:28:04 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 1663
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5522865221308078194

42 B
769 B

25ms
23ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5522865221308078194
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=40339621&p=158212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=158212:4; KADUSERCOOKIE=AE3D1C04-C189-41C8-8E9E-975B413F5F3C; chkChromeAb67Sec=1; DPSync3=1617062400%3A201_227_226_221; SyncRTB3=1617062400%3A22_166_13_56_8_220_21_3_54_7_161_71%7C1617148800%3A35%7C1616716800%3A63%7C1616457600%3A223; KRTBCOOKIE_27=16735-uid:847d6050-eaa4-4700-b611-a9623f3153c3&KRTB&16736-uid:847d6050-eaa4-4700-b611-a9623f3153c3&KRTB&23019-uid:847d6050-eaa4-4700-b611-a9623f3153c3&KRTB&23114-uid:847d6050-eaa4-4700-b611-a9623f3153c3; PugT=1615915684; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEF_36dqqtxEZRPuK9rYNHcg&KRTB&22987-CAESEF_36dqqtxEZRPuK9rYNHcg&KRTB&23025-CAESEF_36dqqtxEZRPuK9rYNHcg; KRTBCOOKIE_153=1923-fuKEzC2z0Mhl6oKfLuucyi7hgphl59LPLuSYtKGM&KRTB&19420-fuKEzC2z0Mhl6oKfLuucyi7hgphl59LPLuSYtKGM&KRTB&22979-fuKEzC2z0Mhl6oKfLuucyi7hgphl59LPLuSYtKGM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 16 Mar 2021 17:28:04 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-5522865221308078194; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 15-Apr-2021 17:28:04 GMT; path=/ PugT=1615915684; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 15-Apr-2021 17:28:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 14-Jun-2021 17:28:04 GMT; path=/
X-lat: lhrpug003:0:473
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5522865221308078194
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3f7d0ff0-f1a5-4982-ba89-ed50d8f7efa9

42 B
882 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3f7d0ff0-f1a5-4982-ba89-ed50d8f7efa9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug003:0:590
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:04 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3f7d0ff0-f1a5-4982-ba89-ed50d8f7efa9
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8EDB 43 B
325 B 17ms
16ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=40339621&p=158212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 16 Mar 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 971
x-powered-by: ASP.NET
date: Tue, 16 Mar 2021 17:28:03 GMT
content-length: 43

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 96D2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKUlRrN0FvZFVBQUJCSFc0cEFadw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJRTk7AodUAABBHW4pAZw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJRTk7AodUAABBHW4pAZw&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJRTk7AodUAABBHW4pAZw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

43 B
163 B

80ms
27ms

Document
image/gif

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJRTk7AodUAABBHW4pAZw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=40339621&p=158212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 16 Mar 2021 17:28:05 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Tue, 16 Mar 2021 17:28:05 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJRTk7AodUAABBHW4pAZw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2 200 recv Show response
cm.gammaplatform.com/adx/ Frame D120 43 B
466 B 327ms
324ms Document
image/gif 52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.gammaplatform.com/adx/recv?pid=35&uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: cm.gammaplatform.com
:scheme: https
:path: /adx/recv?pid=35&uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-encoding: gzip
set-cookie: _aGeoIp=NL|Amsterdam; path=/; domain=.gammaplatform.com; secure; Max-Age=86400; Expires=Wed, 17-Mar-2021 17:28:04 GMT; SameSite=None _aUID=1n1yszsxbs87; path=/; domain=.gammaplatform.com; secure; Max-Age=63072000; Expires=Thu, 16-Mar-2023 17:28:04 GMT; SameSite=None
accept-encoding: utf-8
lws: 222
content-type: image/gif
content-length: 51
time-ms: 0
date: Tue, 16 Mar 2021 17:28:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rj0cBMGJQciOnpdbQT9fPA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

29ms
27ms

Image
text/html

104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=62632
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Wed, 17 Mar 2021 10:51:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 1F41 95 B
387 B 29ms
26ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 630fb22428884eaf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08ddadaa9a00004eafc92b0000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 1F41
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&sInitiator=external&gdpr=0&gdpr_consent=

42 B
602 B

43ms
42ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:02 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:02 GMT
frontend-id: 0
location: /pubmatic/1/info2?sType=sync&sExtCookieId=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&addseg=17

7 B
147 B

21ms
20ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&addseg=17
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Tue, 16 Mar 2021 17:28:04 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&addseg=17
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUUzRDFDMDQtQzE4OS00MUM4LThFOUUtOTc1QjQxM0Y1RjND&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

24ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug015:0:345
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4082974739836487256

42 B
801 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4082974739836487256
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug020:0:298
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:04 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4082974739836487256
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:847d6050-eaa4-4700-b611-a9623f3153c3&gdpr=0&gdpr_consent=

42 B
946 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:847d6050-eaa4-4700-b611-a9623f3153c3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug011:0:573
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Tue, 16 Mar 2021 17:28:53 GMT
Server: MT3 3611 f10363c master cdg-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:847d6050-eaa4-4700-b611-a9623f3153c3&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 16 Mar 2021 17:28:52 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2452115999356747516&gdpr=0&gdpr_consent=

42 B
769 B

24ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2452115999356747516&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug008:0:508
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 17:28:04 GMT
X-Proxy-Origin: 185.212.171.75; 185.212.171.75; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid: bec28f02-5ce1-4838-b1a8-a6a33daaea83
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2452115999356747516&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 AE3D1C04-C189-41C8-8E9E-975B413F5F3C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1F41 43 B
842 B 104ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/AE3D1C04-C189-41C8-8E9E-975B413F5F3C?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE3D1C04-C189-41C8-8E9E-975B413F5F3C&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AFRdwdxE2uUhtwtWNyRLmuv17LpCOJ0-~A&gdpr=0&gdpr_consent=

0
418 B

82ms
18ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AFRdwdxE2uUhtwtWNyRLmuv17LpCOJ0-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:03 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AFRdwdxE2uUhtwtWNyRLmuv17LpCOJ0-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=880a6018-d5c0-429d-9927-8715c08936b2&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

28ms
24ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=880a6018-d5c0-429d-9927-8715c08936b2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug020:0:418
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=880a6018-d5c0-429d-9927-8715c08936b2&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 16 Mar 2021 17:28:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fuKEzC2z0Mhl6oKfLuucyi7hgphl59LPLuSYtKGM

42 B
894 B

23ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fuKEzC2z0Mhl6oKfLuucyi7hgphl59LPLuSYtKGM
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug003:0:360
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fuKEzC2z0Mhl6oKfLuucyi7hgphl59LPLuSYtKGM
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 1F41
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFDqpAAAAKYISizr&gdpr=0&gdpr_consent=&_test=YFDqpAAAAKYISizr

1 B
809 B

25ms
24ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFDqpAAAAKYISizr&gdpr=0&gdpr_consent=&_test=YFDqpAAAAKYISizr
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 17:28:04 GMT
X-lat: lhrpug010:0:412
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:04 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615915685.697246,VS0,VE0
x-served-by: cache-fra19160-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFDqpAAAAKYISizr&gdpr=0&gdpr_consent=&_test=YFDqpAAAAKYISizr
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 event
ssp.qc.coccoc.com/ Frame 2C8D 0
43 B 246ms
244ms Image
text/plain 123.30.175.112
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.qc.coccoc.com/event?data=_0HrW50vfHtCSq-qIXGVEx7yvC1ECY3vG2*s1gdn7XiRpF7S1bfXFcKbeaVfJd47ZwsJBIj-CNeylrWw0AMN0-6bqYwKVxIFaZKmpPOs-j3fQaxm4vx1UhK7XdUbTn-a7p161QJdS0orw-9hzSSS4XJ*-j0C7c6S87L57jv*qp6EwFwLAA20btIB-PCiOUIFp-3Ba2pFxgXMX3nKaozZ4Ja1gG8AUPVPS27QnJsqGH3UDXrkQiKsCMmpyMj55MtI9F6loqlsq8XjZK89qjcbmY35sEtKW1RfrOITWowIB4OR3Fifc*XkDbqDYdDop8hfqtlwOfeTlUuUX6o4vsHDfarRsCjQWmcfnjeUlBqF-vWcnpwHkKpuyBMSpwyYfER3QP0rOp53-EDAiq*LsxAiAsrgcloWZznpdbBvCMDPujpPz5l6RgwK0W69Yyeje39qMNg8asw*wghA--wGHCJs02e4BP1A8nHrF7OfC5284qkMo0tCIjHweUlMXtlzPue084XjIkUuukZ*t6v5A.&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Requested by: Host: qccoccocmedia.vn
URL: https://qccoccocmedia.vn/get_adm?id=b2631d14-b3cf-4160-aa81-3571e15cacde&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.112 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://qccoccocmedia.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:05 GMT
content-length: 0
server: nginx

GET
H2 200 show
display.qc.coccoc.com/ Frame 2C8D 0
91 B 1152ms
453ms Image
image/gif 123.30.175.43
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://display.qc.coccoc.com/show?show=_0trS50vdarSSg-50HBZQhJln80o3TiyRQa68CDx7Hr5nRUvnHKYaOtBrwFToNghT5ZPWjTyKqwqJkSyvqtSs3oQd-uskYjIGLSfZpR6TyEvngzO6vpAy2HreE-JwC5Xb*tC0Gu9hkY6c8yNElZcgj0LUjNiKKYwzaMtyEVL-yWPk2KB7tEC1x5wW6sj6DS1tf9MmDlksUYL01212mIHLxQ4qr1X3KJAQgXVZSstaoHQDedC8zocDpHo6LX54slt8Kuk7ll0muRRBsTF00WrwMVnRfg-JMHPG2FaSk4y*Mmx7NA4ZTC4cswA5wQsQmzmea7BLSHGsYuSoaHzNKkStnN1sRMGPTCCvEylIIeUii7PnGcQqWGDE8BHGB9KaKbbE-tIsJ26JovdO6SYp-wjMGPZ-UReJOS8ykoTqBTfHvfxxQL-EN6cCr7bc4hamru1Yis2mb2Mac*KxPccvf2UdG9jMtLaTuEHUdnxhAjL*9ZymGjH0fd1i*OLT7Csoc*FAYJirKjVX5yIG5PsdhWka4QoPqAEFkuuuCLnAlnnEemNc3d8jTofnM2JLWSvfnRUtOXbnvq5TulPt7mjezYsCpKoGr*uSzqfdQIuS3uhVcr-0qb*mgHmV3Lyzh6Ne7rvUMlxhpUp4AxXihUYCQmSmM2wh5Nbpdx4x5pVZl5ZIGaN1rdg..&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Requested by: Host: qccoccocmedia.vn
URL: https://qccoccocmedia.vn/get_adm?id=b2631d14-b3cf-4160-aa81-3571e15cacde&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.43 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://qccoccocmedia.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:05 GMT
cache-control: no-cache
server: nginx
content-type: image/gif

GET
H2 200 8b9484090dcf590a70e8dbb235223fdbd6fac945e8816a939f4d11ba7f1b0154.jpg
qc-static.coccoc.com/a-images/8b9/484/ Frame 2C8D 33 KB
33 KB 1027ms
540ms Image
image/jpeg 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qc-static.coccoc.com/a-images/8b9/484/8b9484090dcf590a70e8dbb235223fdbd6fac945e8816a939f4d11ba7f1b0154.jpg
Requested by: Host: qccoccocmedia.vn
URL: https://qccoccocmedia.vn/get_adm?id=b2631d14-b3cf-4160-aa81-3571e15cacde&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: 8b9484090dcf590a70e8dbb235223fdbd6fac945e8816a939f4d11ba7f1b0154

Request headers

Referer: https://qccoccocmedia.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Mar 2021 17:27:07 GMT
last-modified: Tue, 02 Feb 2021 09:28:38 GMT
server: nginx
etag: "60191b46-846e"
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=25200
accept-ranges: bytes
content-length: 33902
x-cached: HIT
expires: Wed, 17 Mar 2021 00:27:07 GMT

GET
DATA 200
OK truncated
/ Frame 2C8D 461 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e64a159c0ffe87b8a2d15ee3891c49c2705a0f898d9adcd865ffbc57163ba46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 event
ssp.qc.coccoc.com/ Frame 2C8D 0
43 B 248ms
248ms Image
text/plain 123.30.175.112
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.qc.coccoc.com/event?data=_0HrW50vfHtCSo-qUdGVEx7yuCPDzWQNp4wJd7zlmK7ARF1ZV49T0*L5THHRzEJ6y8lYZFsxWgnKoGc2OmrKlvueT*CbnArboC07QW5FdeclofTNP4e34HZKkGi2Xn0K-KJbOfUY6yuuwY3hwBzaeTm10cBksP-5o0bUX16m6OOBJQtDlmH8Qm4xmDi9*jszH3JTYNpXnqJVgx8Xp6R0DPy7JkOlR8nP9r*JDRMyCqVRrvqlQFHvali2BoKy62CW9tIROAT0H20H8ijUgEHGwRENZD8wKGN4mNlTOw*AD8N-Jcbo8q4uTA6gb8yOAdzFAPKmwHc3LUCfF2y-vuU9ZBY0mEVsbT9UzgLh7VzkN3O84xzvxuuoHy7U*KUvyV1qdsVDIH42im0zGu2D78ny6g0BSYZSRYGuxQKiP1r6EokWaSpMHwEE2bwH1jMPU3yyTrGhbiNc0qG8FDUqs1toB39pZjpFUMWyjtazwenAzJSBJtxHdQ1WaX*hTyoQeCZy8HBqIlUuukZ3aYvys.&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Requested by: Host: qccoccocmedia.vn
URL: https://qccoccocmedia.vn/get_adm?id=b2631d14-b3cf-4160-aa81-3571e15cacde&reqid=78cc4256-8be9-47d8-8fec-64d5d0726122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.112 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://qccoccocmedia.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:06 GMT
content-length: 0
server: nginx

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7181
date: Tue, 16 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 17:28:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
50 B 26ms
25ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1513476994&t=pageview&_s=1&dl=https%3A%2F%2F2sao.vn%2F&ul=en-us&de=UTF-8&dt=GI%E1%BA%A2I%20TR%C3%8D%20-%20Tin%20t%E1%BB%A9c%20gi%E1%BA%A3i%20tr%C3%AD%2024h%2C%20scandal%20showbiz%20Vi%E1%BB%87t%20v%C3%A0%20th%E1%BA%BF%20gi%E1%BB%9Bi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aQhCAEABAAAAAC~&jid=1458680628&gjid=1666785422&cid=1053352621.1615915671&tid=UA-6610653-14&_gid=2114155435.1615915686&_r=1&_slc=1&z=1347256041

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1743541902361570 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 126ms
126ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1743541902361570?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c306e56766a653ef488f663c5bc63a696e6aa44a21f067b22877056b947b7698

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Ka+1Eu8JF05kSSWol+j+lfdZ7FIMPiK85M843Bly/COgeovvX5aisERQmHygugjXpiw0N8cDTadyPp4Z7y6HCQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 17:28:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: 2sao.vn
URL: https://2sao.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b607b0e420f4172dde64d10716ae519af88ca6a3b16c1fffee8b85131366728d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7tNFIavFsEad5dpxUPFsbw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: /GKHVtHKXEQuhedWNuSmN2bVBo++dz21FKxjtc2bJ/RpI3YBTOH5vxluwIN+3OuR3qldoBC+Oi/B5CwKivQ70w==
x-fb-trip-id: 917726464
x-fb-content-md5: d10763a8f0b47c3ba0b5a0b6975c0952
x-frame-options: DENY
date: Tue, 16 Mar 2021 17:28:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "732aa2fcc2ec8e1d6df1e93e284e4fd2"
timing-allow-origin: *
expires: Tue, 16 Mar 2021 17:35:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 54ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210310&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1470596f3ae5cc060b1a19abf61e2a1dd2bbc1482c703d50864ff5d7afb91de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 17:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6544
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 10ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=dbc84472bf1687ca52d40972023e4b13&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9cbccbc628b1b3b1dae2966c43a4bc221fe7fa6681115ed24d3e3b40919232cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://2sao.vn
Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mwFCmgMch3kanF3VbkRVgw==
cross-origin-resource-policy: cross-origin
expires: Wed, 16 Mar 2022 11:22:42 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60836
x-fb-rlafr: 0
x-fb-debug: +LOzOOpc5kHTk/XCuBbd+vi6YXy6Q6tJPtLuxN0tq1WyUu2N2eyTtTvgONo5i52+rM5hmJPnyGtw1zupraTPnA==
x-fb-trip-id: 917726464
x-fb-content-md5: b8d79c6f9e5f180e5cbaa8e1c34f4944
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 17:28:06 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2d3547e1bbc24886021fd65ac909f5df"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
82 B 17ms
15ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-6610653-14&cid=1053352621.1615915671&jid=1458680628&gjid=1666785422&_gid=2114155435.1615915686&_u=aQhCAEABAAAAAC~&z=401578564

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 17:28:06 GMT
content-type: text/plain
access-control-allow-origin: https://2sao.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-6610653-14&cid=1053352621.1615915671&jid=1458680628&_u=aQhCAEABAAAAAC~&z=1079184233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-6610653-14&cid=1053352621.1615915671&jid=1458680628&_u=aQhCAEABAAAAAC~&z=1079184233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Mar 2021 17:28:06 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 13D3 12 KB
5 KB 11ms
9ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2sao.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2sao.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Mar 2021 17:16:29 GMT
expires: Wed, 16 Mar 2022 17:16:29 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 697
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 13D3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 89602
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Tue, 15 Mar 2022 16:34:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 14ms
14ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1743541902361570&ev=PageView&dl=https%3A%2F%2F2sao.vn%2F&rl=&if=false&ts=1615915686439&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615915686437.138670721&it=1615915670863&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:28:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Mar 2021 17:28:06 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210310&jk=1373439239949565&bg=!dHeldzTNAAUO7zDoDjsAKQB2-Dxa0_ifNCc2v6QsOtDMenMPDxuuGciOsgHNn5u7UWIb4tNCaPvwAgAAALVSAAAADmgBBwoBcJTzBvssgKZvgBY7uLKInrKQk9Hqp1zlvK1Lah42SnLgT2JAGvlVDS4An3dJjDx5scmFI8RqaVdz0Pol47hunVasvq9e-BN5kZW1abxt8gWG1E9dXKTRIeCo70MIVYeTbWeBAVHPwQCqr0QAok-jIRPSRPGaauEMi0-QrR607-rX4DM_kY_nTr9rh_aVfZNrGR9iNfPVdI0ZFJaSpzNs5Q3kx6m6vs7kGp997zea0NiFiAXjnYaJT0nHPMQyrA5q2vzQneujnEFDhI-7_oSnYDq_uwfBFkuR-Nv3k-GfyVLMK7rt1VSOXjImTAqTJIKl-UhZiCtztPRzId9MOgkOQeGK3NxJ-Byom1gB1xRpLQwnYD95JLsAnrX9M0WfRU6i2FnRY-hRAzIfmp6WZ8gRrv7iBO1iK_u3ymqAcmmomPOTCjLqEqq0IAoLzI1JPMekwq3NGWipDYg9yIAKENF63bsRTQSexTQDx5f41ywzS81TmQG8HHFNnIBV-vjvEEyE46Ng5CFaAqzKQymrMIxaNi5F7kA7gONtVVuL2-s483BSx082BprA6TEve3JR8rOziUsV7LW8i0MkbsEaul8NVqJICCHBsb_5t6U737SWLFCKIU5FN4VqAXIjQJ8sHZmGVBCVWAaOnbn7SKQllfwUYCT5Sx67-HCq0F_ocLniB3wxCbsHVxRQ86GflPgeZgiX1aT1SGjB_tFo0vfmw32qUA57vYg9K1QUNeU4Y59iVznnGhfstDi0-PQEdZ0_SC5LioGrGxWsRxkQFfTLhO0UDsjGLt8-Yp-LQX8ZgdyorZnTv5ndERrgtHr2WLkzpqork77rpBP1oUMtiVxWyMY7ZBtXW5me_x5JZ1o-k1fnJauXV8IDuAHqAL8nNfLNGO7L8Y4fixfBLMnmC7mm0y87dE8_xmy5MyKUYk86B7575fo7x0aWe1JebusPRU-m1LIHxzh7zeNuPq5Q3XZhRPzwageFd2s86damID37ShMsIG9eml1YI4Fgomm2j3pLSdPgJZ6oD7im6u2gUH80HP884fXEd5xGeSkV3T-cns2Y2Ryhmp0ZnhYTF2Ei0lOjm5bX

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 17:28:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2sao.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryMu6fwp9JgoYUyMiU

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 16 Mar 2021 17:28:06 GMT
content-type: text/plain
access-control-allow-origin: https://2sao.vn
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

313 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.2sao.vn/	1970-01-19 16:51:55	Name: _gat Value: 1
.2sao.vn/	1970-01-19 16:53:22	Name: _gid Value: GA1.2.2114155435.1615915686
.2sao.vn/	1970-01-20 10:23:07	Name: _ga Value: GA1.2.1053352621.1615915671

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://embed.vietnamnettv.vn/v/216731.html(Line 262) Message: video ready

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2sao.vietnamnetjsc.vn
2sao.vn
ad.crwdcntrl.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
aud.pubmatic.com
bcp.crwdcntrl.net
bh.contextweb.com
c1.adform.net
cdn.radiantmediatechs.com
cdn2.cache.vn
cdnjs.cloudflare.com
cm.ambientdsp.com
cm.g.doubleclick.net
cm.gammadsp.com
cm.gammaplatform.com
code.jquery.com
connect.facebook.net
d.gammaplatform.com
d5p.de17a.com
delivery.lavanetwork.net
dis.criteo.com
display.qc.coccoc.com
embed.vietnamnettv.vn
fonts.googleapis.com
fonts.gstatic.com
gamma.cachefly.net
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.vietnamnet.vn
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.vietnamnetad.vn
log.vads.net.vn
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pixel.quantserve.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
pub.lavanetwork.net
qc-static.coccoc.com
qccoccocmedia.vn
rtb-csync.smartadserver.com
s0.2mdn.net
sb.scorecardresearch.com
simage2.pubmatic.com
ssl.google-analytics.com
ssp.qc.coccoc.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tag.gammaplatform.com
tintuconline.com.vn
tpc.googlesyndication.com
tracking.vietnamnetad.vn
ttol.vietnamnetjsc.vn
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
v-cdn.vietnamnetjsc.vn
vads.net.vn
visitor.fiftyt.com
vnn-res.vgcloud.vn
ws.rqtrk.eu
www.2sao.vn
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
103.21.150.163
103.21.150.164
103.21.150.167
103.21.150.172
104.108.144.214
104.16.201.58
123.30.139.97
123.30.168.3
123.30.175.112
123.30.175.43
123.30.175.51
139.162.84.221
142.250.185.162
142.250.186.66
142.250.186.98
151.101.14.49
169.50.137.190
178.250.2.151
18.138.18.111
183.91.11.69
183.91.14.6
185.29.135.226
185.33.220.241
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.86.139.89
198.148.27.139
2001:4de0:ac18::1:a:2b
203.162.168.165
205.234.175.175
210.211.113.38
213.155.156.183
23.37.53.17
2600:1f18:612b:4200:28fe:9b27:fbc6:f054
2606:4700:10::ac43:db6
2606:4700:20::681a:3cd
2606:4700::6810:125e
2606:4700::6810:4036
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:801::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:829::200a
2a00:1450:400c:c09::9c
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.56.137
34.245.253.34
35.201.96.126
37.157.4.41
52.220.229.2
52.30.234.204
52.58.45.227
54.194.129.87
54.255.154.87
54.36.172.109
54.72.52.19
77.243.60.138
00e947b3038eb4f6bf9d76bc4a1c326b20894068cdd791f1567ea618f59a16bf
0141f848a474a376eba8cc7d91da5f268c434d16b8906fc584a8b4ee8aa5412a
014400650eac8379b4fef87d057ad2fd3ae4a721e6e7ee6a3fcd6caf302a80d2
02a1e213d6f55a07c6205440187c783586864ef3c382a473f8ffffcabcc33699
06a7e6e39b1a376f6403a0b56ec014615cd993d53d6faee8afe99daf1ca22f91
07280df7a572505ff69dcc5ceeae4028973d80a705c5ce6800c35daadf2a2a00
0a0ee7622f442d3f067dbbd2e70851b5fd88f6013f4dd260bd46356c20d87842
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be3d2ecad77c2629add9859e2f91485b809f1ec6825cd05a14c81094ca6acec
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cc6b8c92ded71c519d7eb5f5a4c855bc67c17f8c675f7ccd9a2df7a6bbc2bd1
0dded3af447b8bdb2dd2b5eb573001d51aa60770ea802cd10b98caac0c48052c
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f3fa2ec10e506b3213bbcd38f1cd8e98d390b594b85bfd6fad14c7a40d02f7b
0f61c0b0df63d46075f6c7b82cfdcf833dcee642cfa41b55bbdec201c893359c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1470596f3ae5cc060b1a19abf61e2a1dd2bbc1482c703d50864ff5d7afb91de4
15ef4a0a5771010dd90d761d24bc336dfe4e99fbf501f558f930f9c4209a442e
163140a132a9fd8a4b773ba85118a95e8d24cdd7685f23b0dbfa24b9a7177deb
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
16cb9bf4f3c579457099046869a2998dae382f590a33d9534deb41e082f8b7c1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1889994acccfac3f2bfa912b8f3dc3cc3389fcccafd049c612ce8ed5b3577cd0
1bc1a8faa8b22a68b74de3ef0ad72dc4bf72fc251d160fc3bf80a106a45abdb4
1cd22c2039d706a652c64a1328b2a256f361c807a4cc4790e5de6d9dceb1d790
1d2ec6e4d596ef2368d1c1b9a422d5ada94445ece94372f80ec82c983cad1704
20945b25ac374174470c33f364be061d28ea33f9e2438ad9eea93008658e5ac8
227b0cef309adb8bc77c084678fc00dd49118e71c5deb7cf2f2e0200387422b6
227b230a482ca6ec40fdaf411a41cf5dc03d79a051e13621c12ccca7de0c79d9
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2449cc8ffe30da9f4d5de5167e0de801f089ba57dc1bf25116a13ac4114e0799
25010d67bc0858a87f82a43edaae0e4a58f929e36f644acc96e3a761e14f4703
258057b115f77080bc24ff038f095af64111a16303a3b752a68a45fa9e571606
25c5751b025dbac94ec66f2b65364ea6036d5cb3c08e73dfb71422c87496684a
27060e50be50f50dcee97ae45b82b7fd0c45dfd8ca4d07097bfe486aa3e8f5f2
28019323978f76a552b6ba82e659440378df9d0d3f42f4021c77850cec5fc77d
29a1e0309e7a84614e20257ff99e87b2643c6d5e2f16b6e308172127f7b682c2
2a54260667123f7d1026c521432ad776c9284aa590a92cd1672bb02da688e58d
2b22bae5ed2a880050ca0db2583282c65bdd32c5b4ab059ab825823496d43b60
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30b67fb4f508b4bd85b2ea97d58148d5fb4d84100cbef0faa4d7955811998b32
311df1df5293d0d3de226f460e35a8f60326a6266e6103da0032895b30d04f81
3416be7940e5b406ac1d77e55c78bcf84d86de0497612a54251e3f75062cad81
34c0d91819e04e65067b2ff717a7dbaa165c21acd18ac8d12ad5b94423db965c
3672e58f75238c5377f0fcd6c241d30117f77493505b8e98cbcc85117f19f514
3711af5e2fd53d44c034dcb5927ea2c8bb11746a99b3bd77b5432e4497c2566c
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cc8de9565f70673f6ac39fafe569feb02a07ff8ae9125bd22d51ea1b6e59462
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4178ea0b7ad00a245d88d27d9aec1a33db570e82784434176b1f67aa60d85f95
431ced6916a2a21a156e38701afe55bbd7f88969fbbfc56d7fe099d47f265460
476e55b7d10aaeb7ddd39212d5a22f590ac9355c2356fe7075b8c52f207edae2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
499162e8e615088f74504a124873f8ac613cae126e657a07c27f0dab40283141
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4b2c3c8e5d84fbe1ded93c72dd5f5585f9d01bec1a71ab013ef4153d893ff29f
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
4d17e6969f44d5f14d60b369bafd497ec0ffea712db5594e4d224b90f6c2e1b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503ca07cc4eadbb53f550dc32edbc1551d6f9a6e0674d6db4375a155e143d0a5
5050535b636f305d8e30e78c9640c99a196eaf5e05f3edd608e196bc24184f0e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5092e572525ce8078500570dd64d4e15431fe941b5b2d6074ffb9b5b47dddaff
5093d12e6fc11cb718b8ad44c5bf4d56d4abc8a2d8dad7fb5120db95fa458824
5112e0606ae283b0ffdd7ec913c79a8c86813142aa98d573b0f56e218cb3db03
53a6f478597b6c9f56ab7768908fae3fe9413c081598b4b2b2b7c0e840f9f81e
5508ac30c2d96408448dc2e05f4b166939ac295c450149c4a3c06dd433ee7f0a
551c24fb8497e8befef657134a4dc50f8cb6191edf8512a53eb32591da35275c
55319c6ad88c808d3b42309cd427a824a94e40b1ed0dcfc026898cff0e137584
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
5645f52736e924c74b539cafce4f2b0ccf94e186e6f4b3d08195ed869e143434
57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0
587f32302fb908e4c6d4b0d2d8305e1e3b8b8f61ea4e278413fe2a0cfdb8c04c
58eea8f8ce5e416c2a790d598080ccd0f069793268fe6d05d66ae844f91f0c3d
59875b1ca3fe4ec380078af9f298f46fe0cb99155ad5053ff4c1e8236ca72b4f
5b73c120eaf716380d97e7bb9b997f355f1ef0c4b2eace27fb318f4061cfe3fa
5d7ca3b24a718fe38473321d3dbe03e77104c666b0a2eb67058d50ce882bd4bb
5ec9f79b65c569ced21e12e2d405be370d6bf5ada72c410aba8386d30977de18
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
64569ba1c17cd1f81d7b5ece5897089069d2360ca5dfe540711bf7657c546245
667a6effbccc704c4738957b6a84b3abec072b061e7297c335a233b647df3e43
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66a6ef379881e3124e20f6dcecdc16672b1a7c3e415a305995621e40a075624f
67037f994140b6f52011f6edf8d0e8ae16f31ec0b6d58e96f94d31c9395b0739
6a8e0073d28c8399db8631f4ca4e7ea67f37954a95e99aaa65fcf1a6c36412b1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c401328012b459cc26bf8737289be868980df8e4e17c236e020da437d48810d
6ca836b4ecdd2725b996483221d1d6bfa460fe847a69cc4f2c5cbe1be87c7d7a
6db9bc8de1f89ac4d6200d240da1506e371c5b7baa11cae5e10d9bb0453812ef
6eb63831382e10e16fd7ce65dc31dfc06001e70335793be49a851d449c902529
707996cf827f07e12dd4da0b1c1fa6d5057f9faf48612a924dda30a1a83cf77a
7163b97c6955b2a61a4a7fdfee3095d11c86a60e90d4572a709af3ce742b1198
7682bd4700b01da0c56fdd55e749d0eca38959a792cf1f645a547fb29eaadf7a
774f92e4a338bd4515f0af093cf3e055d11d6db0d881ab68b5a07598a5174fb3
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7db40fadc6ba27067d7b90e4b1c15b3c1a35e7255363c303bce73c86ba8f44f8
828ec89721d6956597a30f7262942389188efd309e829a9fa2df6f639ac963a8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836f32af2018c99363a5287742224383e57f6c9bd709b9dc66c835065a1a3ec9
8498dfd7b8e8aaa6410f9a737fff1456ba669bd708017a71e432ec7e66fb7a66
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8547cb91200b2da8635c35e70c059091766e562a3ef557ae8eac1afe5bab6bbe
864f3ae3f17ad3a89ab56129453da500bc139e35646ece11aa2101c32328a8c2
86cb70843986570663230b7a4a54c6eac4014445ab5930635538a4fc92e56f56
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
87f81b584578bf4c7d222172d6aa5a85ff3f5e38ed436579c4953d5c05a67c20
8968c474def847cbb78da5635e03dffc060c826a0b2b9fdc5981359859cd4874
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b9484090dcf590a70e8dbb235223fdbd6fac945e8816a939f4d11ba7f1b0154
8bc47888d38c629485975fa1e1f57bf5166fd24880bebf2fdaa4ccd190313f47
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ea02ae1cc62b4f79fbfee340fbe0ba005806a0f452e3426d7b46d1cb10d1c29
900ffce45cbdfbfbd1d035ba1fba957d77fe23a3277dc9d32adfc1f90bbeb040
901eb80cc3f8c274fe6711bd023884258839610c9274082a4881f71e2206b4fb
9279f79271f62549c144a3304d6bd02805a01bc37ea027af36b1f7e5f22b28dd
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
997ab5c567bb631a4c895e150b039ba5e9999e3844586a9a938b5db5c23ed733
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c077230ea5284f716221c297207f0047b7aa129b3dc1aadb137275df3448dec
9c46a30820b54ea6c3b36d315e8a9f0ffd885cd44e3a080843f0ed9d232ec508
9c7063e4ddf4fb376fa7af3b9caf9845251f6224dffd38f1a369278c47e4b4ec
9cbccbc628b1b3b1dae2966c43a4bc221fe7fa6681115ed24d3e3b40919232cb
9e64a159c0ffe87b8a2d15ee3891c49c2705a0f898d9adcd865ffbc57163ba46
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f4370b024e7b4d9738257ab5b351140bd9afad58a549b7fd62be9ec12515297
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52f9f92f59b08bc7179496a1fd9888c2ca614907d73ad76d3b36a5b0ce92703
a6cd421590d32bb73e598fd29b72fe00803c5c9ff6677c99295a7b9d5f81b70d
ab7f1ac6ebece3fd60457da60d40bcc2da99376617904cb26b48e128449467ce
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8e171373c495fd05a7d7f70710676af4e6b27aad586d99fc0d366d780fd51f
b14305d0a66eea71ff6a8d3ffa73ccf8ba8466ec10fad4fcca1bb6b7d9ce0072
b1567e619d2f9ecb23c346f0681221d3ae16ea01d53271b5ab1ddd2b8bf0c1c7
b219f24bedeb42ce7a6705e4e46c11dd30ec307856b8c5edc9ebfd37e5e18d3d
b607b0e420f4172dde64d10716ae519af88ca6a3b16c1fffee8b85131366728d
b7ab0540803750523d30dfcb57e8877a77d46e6f68ce1150a78ba0f192ba0a32
b85c0928753a657c7ccfe85421bd556e92f94c61416d155e3e392d5ea13e3367
bc01df0199ccffb9dfe2c7e25019c8e0f7d1a37fbbbd964704c29521bd266dbc
bcc9c2cf1f79ef587ec4817f6b5126488a2b86b43fa152c667a928761ef3bc6d
bda681dfdfbd46ea74aeb67ca5e3ff599cf6c944c80a5d8207bae79a56cfb6f2
bf42ed24785a8ca5430febe4c01b2f59090da2dc783d35ea7842760a9315dab0
c02e3d03d95bf974104574666ee138b535de347eae3f030b0adde73952f9f683
c04f165e8d5723ee411caff6eb460ce69c4efe234da28e8ac9f6a8c2b8d5253d
c11d4f4e5b453e924632b510ac0dd6aa46ca67e9445505286b5e366fcfa64339
c306e56766a653ef488f663c5bc63a696e6aa44a21f067b22877056b947b7698
c3eb5f707a55bd9eccf8f9d203261f1ead2772bd70ab235b742448dd0590e11c
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0
c61697412cc59989e4eee0d73b88388554d608bf9f9fd9217818245794c7ce13
caf843f0f8a9c1261c6bc1cdef49144ee166a62bce277ccc82f4ad6bc9e88b75
cb570226152be5b80fa388b8c10afb484e0d97256222cd1df8bd696a6ee7c86f
cbba80c06904ec5c8360264d5bd284c8d087c96bc1d35d64e1144c02d520ed89
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d317eb7371b1b31f877a68259e947b0e1a1ef53ea7b78babcd0229b313133d36
d3f09571e86f8a7ddc6bd6e7639ec4a8211e4b1bf7e556907758d54c4683b1b2
d45991322d1ed2797db52ce70de818d22cd2813062bad4ff0d77deaf3c72c5a6
d6571d5e522287df1f00501922131f5cb590a5c8b378e71512e6717d048ad3cc
d84f27b13731dff5ce3f51c3f6fd0d7f9c60495384061b56c81cdfee9c150815
d8b0837893cd810d4cb682fe141a55be8bcf80d6c7020e97bdacac977f826667
d924d966d44cf7973b34c92c74dc68237fec423d578f2c9497eaa0790900d71e
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec0131704a97ea7d68dee50776670104b3d67e12cfe971247c070d82cbf36fd
e105164ae64d7b4e42162e6aa2a5fb1923442ac7b8aa61ee3734528bd3372a8d
e1fcaf3488cd236c1902f31d1c0f01b187c675f185d6b33a079d90f9753d279d
e26f11e94949e0799a55c0ef09bd82a76f84cb5a2ce7db3e4884b9ceaac98bf0
e32865ebfc622e114e86c02544e4d4bb96347120cd2a41d912d7b55df84de09f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
ec5af900d97f64b5519c51c3969a6095859f6e3e7e10e4b4177406ee56bb4e80
ed2fd70166e154d32f016459d977ccbde0b9dbbeeb5ca1842c2058d57c0e1597
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5ea36bff0e406c7738b4c227c84719cf25b94e11c6f95db7699277074fd3dc
ef643a775bbfc10787a15cfa89fa5f172ca3e288dc35a6df4c2dce2d4e03c390
efe32e868a74737de1b7aedf1a125664e35ab5dd482fd70b93a80b715f497cc9
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f4f5460ec0235f100afd1a88d2bae013fcda8989f5b385bcdf61b211b535b2aa
f4fb738653746b2f5402ce74057c6ec2dbe4ec4040ae2bb8a0c8a8e71e950742
f65a324e34f5ef3276f60fa79da79d7be7b21b2b59cc4e92b7f249830ac7be11
f6f5146b6eef0550aaab33a3a1f453b7730fd34927b094a49ad6c0c5859b8a36
f9359d9b6a3abc2ba09d1b2eee76f666de7f9a0722f9457276af83494543c0ad
faa44dac1a440cf07d73fc44092ac76f52a9430777810ea1a643c7d3d571244b
ff2dc039ca50d027b35196c4fc6e164bc4b3e3865859a60f4207db4b027ac068
ffd34657a6e1a500b825ce638e4f968586c43df088e6d139f42eba08f0e03b4b

2sao.vn Open in urlscan Pro 103.21.150.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

277 Requests

99 %HTTPS

38 %IPv6

57 Domains

82 Subdomains

59 IPs

12 Countries

15108 kBTransfer

18967 kBSize

3 Cookies

8 Outgoing links

Page URL History

Redirected requests

277 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

2sao.vn Open in urlscan Pro
103.21.150.172 Public Scan

Screenshot
Live screenshot

Full Image

277
Requests

99 %
HTTPS

38 %
IPv6

57
Domains

82
Subdomains

59
IPs

12
Countries

15108 kB
Transfer

18967 kB
Size

3
Cookies

277 HTTP transactions
3 data transactions