plo.vn Open in urlscan Pro
42.119.138.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://plo.vn/
Effective URL:
https://plo.vn/
Submission: On November 09 via api (November 9th 2022, 1:14:12 am UTC) from VN — Scanned from DE

Summary HTTP 199 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 52 IPs in 10 countries across 43 domains to perform 199 HTTP transactions. The main IP is 42.119.138.4, located in Hanoi, Viet Nam and belongs to FPT-AS-AP FPT Telecom Company, VN. The main domain is plo.vn. The Cisco Umbrella rank of the primary domain is 199650.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 19th 2022. Valid for: a year.

This is the only time plo.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	42.119.138.3 42.119.138.3	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
4	42.119.138.4 42.119.138.4	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
30	103.39.92.11 103.39.92.11	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
20	103.39.92.121 103.39.92.121	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
1	118.107.68.21 118.107.68.21	38726 (VTCDIGICO...) (VTCDIGICOM-AS-VN VTC DIGICOM)
1	49.213.114.132 49.213.114.132	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3034::ac43:b35d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:10:... 2606:4700:10::6816:31fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	58.187.8.9 58.187.8.9	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
1 5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	118.102.1.120 118.102.1.120	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.164.244.115 35.164.244.115	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.88 18.66.97.88	16509 (AMAZON-02) (AMAZON-02)
1	18.190.138.48 18.190.138.48	16509 (AMAZON-02) (AMAZON-02)
1	120.138.69.5 120.138.69.5	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
1	85.91.45.126 85.91.45.126	27381 (CASALE-MEDIA) (CASALE-MEDIA)
11	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	3.248.126.7 3.248.126.7	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 9	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:2eda:8ed6:2a73:2027	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	72.251.245.181 72.251.245.181	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	104.18.13.76 104.18.13.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	222.255.114.56 222.255.114.56	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	49.213.114.149 49.213.114.149	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
199	52

1 42.119.138.3 (Hanoi, Viet Nam) 1 redirects

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

plo.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 42.119.138.4 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

plo.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 103.39.92.11 (Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

static-cms-plo.zadn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 103.39.92.121 (Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

photo-cms-plo.epicdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.107.68.21 (Bac Ninh, Viet Nam)

ASN38726 (VTCDIGICOM-AS-VN VTC DIGICOM, VN)

ad.vietbao.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.213.114.132 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

sp.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:b35d (United States)

ASN13335 (CLOUDFLARENET, US)

lamthong.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:31fd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tag.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 58.187.8.9 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

log.plo.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.102.1.120 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

service.baomoi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.244.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-244-115.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.190.138.48 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-138-48.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.138.69.5 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
PTR: ptr.vng.vn

za.zdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.91.45.126 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a5212.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.126.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-126-7.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:2eda:8ed6:2a73:2027 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 222.255.114.56 (Hanoi, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

static-znews.zadn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.213.114.149 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

za.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	zadn.vn static-cms-plo.zadn.vn — Cisco Umbrella Rank: 326446 static-znews.zadn.vn — Cisco Umbrella Rank: 272937	538 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 167	399 KB
23	plo.vn 1 redirects plo.vn — Cisco Umbrella Rank: 199650 log.plo.vn — Cisco Umbrella Rank: 330684	37 KB
22	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 600 scontent-frx5-1.xx.fbcdn.net — Cisco Umbrella Rank: 10925	246 KB
22	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 320	214 KB
20	epicdn.me photo-cms-plo.epicdn.me — Cisco Umbrella Rank: 326240	477 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 134 accounts.google.com — Cisco Umbrella Rank: 126	78 KB
7	casalemedia.com 2 redirects a5212.casalemedia.com — Cisco Umbrella Rank: 814176 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819 dsum.casalemedia.com — Cisco Umbrella Rank: 2183	6 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97 region1.google-analytics.com — Cisco Umbrella Rank: 2041	20 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3636 google-bidout-d.openx.net — Cisco Umbrella Rank: 3516	561 B
3	adbro.me 1 redirects tag.adbro.me — Cisco Umbrella Rank: 21388 cdn.adbro.me — Cisco Umbrella Rank: 23138	32 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	18 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 412	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1604	459 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	95 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1434 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1072	10 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1469 id5-sync.com — Cisco Umbrella Rank: 678	17 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3590 adservice.google.de — Cisco Umbrella Rank: 5594	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	87 KB
2	lamthong.net lamthong.net — Cisco Umbrella Rank: 391271	2 KB
2	zalo.me sp.zalo.me — Cisco Umbrella Rank: 28521 za.zalo.me — Cisco Umbrella Rank: 27728	30 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 903	352 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 2319	283 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 989	590 B
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 4641	187 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 690
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 457	265 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1182	45 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 483	457 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 715	694 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11960	553 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2184	584 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1432	717 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 481	1 KB
1	zdn.vn za.zdn.vn — Cisco Umbrella Rank: 32098	8 KB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 3901	5 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3578	903 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3817	8 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	689 B
1	baomoi.com service.baomoi.com — Cisco Umbrella Rank: 286784	7 KB
1	vietbao.vn ad.vietbao.vn — Cisco Umbrella Rank: 320320	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	75 KB
199	43

	Domain	Requested by
30	static-cms-plo.zadn.vn	plo.vn static-cms-plo.zadn.vn
20	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
20	photo-cms-plo.epicdn.me	plo.vn
18	log.plo.vn	static-cms-plo.zadn.vn
12	pagead2.googlesyndication.com	plo.vn pagead2.googlesyndication.com 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	tpc.googlesyndication.com	82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	cm.g.doubleclick.net	2 redirects 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com ssum-sec.casalemedia.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com plo.vn 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	www.google.com	1 redirects plo.vn 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	plo.vn securepubads.g.doubleclick.net
5	plo.vn	1 redirects plo.vn static-cms-plo.zadn.vn
3	static-znews.zadn.vn	plo.vn
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	accounts.google.com	static-cms-plo.zadn.vn accounts.google.com
3	www.facebook.com	plo.vn static.xx.fbcdn.net
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync.teads.tv	1 redirects 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
2	ssum-sec.casalemedia.com	1 redirects 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
2	oajs.openx.net	1 redirects plo.vn
2	www.googletagservices.com	82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
2	connect.facebook.net	plo.vn connect.facebook.net
2	tag.adbro.me	1 redirects plo.vn
2	region1.google-analytics.com	www.googletagmanager.com
2	lamthong.net	plo.vn lamthong.net
2	www.google-analytics.com	plo.vn www.google-analytics.com
1	za.zalo.me	za.zdn.vn
1	google-bidout-d.openx.net	oa.openxcdn.net
1	js-sec.indexww.com	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	cms.quantserve.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	ssbsync.smartadserver.com	82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	gum.criteo.com	static.criteo.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	a5212.casalemedia.com	82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
1	za.zdn.vn	sp.zalo.me
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	service.baomoi.com	static-cms-plo.zadn.vn
1	www.google.de	plo.vn
1	cdn.adbro.me	plo.vn
1	stats.g.doubleclick.net	www.google-analytics.com
1	sp.zalo.me	plo.vn
1	ad.vietbao.vn	plo.vn
1	www.googletagmanager.com	plo.vn
199	63

This site contains links to these domains. Also see Links.

Domain
quangcao.plo.vn
congdvc.catphcm.bocongan.gov.vn
kynguyenso.plo.vn
www.facebook.com
www.youtube.com
tv.plo.vn
toamtoimo.plo.vn
play.google.com
apps.apple.com
tinnhiemmang.vn
datbao.plo.vn

Subject Issuer	Validity	Valid
*.plo.vn Sectigo RSA Domain Validation Secure Server CA	`2022-01-19` - `2023-01-19`	a year	crt.sh
*.zadn.vn DigiCert TLS RSA SHA256 2020 CA1	`2022-03-31` - `2023-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.epicdn.me ZeroSSL RSA Domain Secure Site CA	`2021-11-23` - `2022-11-23`	a year	crt.sh
ad.vietbao.vn R3	`2022-09-29` - `2022-12-28`	3 months	crt.sh
*.zalo.me DigiCert TLS RSA SHA256 2020 CA1	`2022-08-03` - `2023-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-18` - `2022-11-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
baomoi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-10` - `2023-02-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
id.sharedid.org Amazon	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.zdn.vn DigiCert TLS RSA SHA256 2020 CA1	`2022-08-18` - `2023-08-05`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-01-15` - `2023-01-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://plo.vn/
Frame ID: 7468C17943F57AF1B11D90D8A31AE3B1
Requests: 121 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fphapluattp.vn%252F%253Ffref%253Dts%26tabs%3Dtimeline%26width%3D300%26height%3D332%26small_header%3Dtrue%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D1583514341961894
Frame ID: CEF32A9C654EA7AD12CC5B7330349879
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: 8C5A95FB96696EC9C8B6D79D8FE160B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1043614943751447&output=html&adk=1812271804&adf=3025194257&lmt=1667956436&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=209x900_l%7C209x810_r&format=0x0&url=https%3A%2F%2Fplo.vn%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667956435953&bpp=4&bdt=1682&idt=204&shv=r20221101&mjsv=m202211030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4953572121126&frm=20&pv=2&ga_vid=190760212.1667956436&ga_sid=1667956436&ga_hid=553334027&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070785%2C44775016%2C44777179%2C44776449&oid=2&pvsid=1018791201672485&tmod=1009839645&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249
Frame ID: DA4BB183B2093C5AEBFCF2ACFEC169DF
Requests: 1 HTTP requests in this frame

Frame: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 50F57F3A473E0A198EE7FDD3C364EC3B
Requests: 1 HTTP requests in this frame

Frame: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 598ABBC98561A5D08F82899FCED4F68E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a01:4a0:2b::&output=html&unviewed_position_start=1&url=https://plo.vn&sub_client=bidder-341462&aceid=MKwatAAuHLQARVs0AQ14NAFKejQBj300ATZ-NAHXfzQB7H80AUWANAFLgDQBcIA0AXeANAF5gDQBo4A0AbGANAHCgDQB0IA0AdWANAHWgDQB14A0Ad2ANAHegDQB44A0AeeANAHogDQB6YA0Ae2ANAHugDQB8YA0AfKANAH2gDQB-4A0AQWBNAEOgTQBD4E0ARSBNAEZgTQBGoE0AR-BNAEggTQBS3NBAVNzQQEo-YgCJ0KqAihCqgIpQqoCD1aqAv54qgJxj6oCgJuqAoGbqgKCm6oCoqiqAlW6qgLb1qoCoOWqAuflqgI46aoCXemqAmz4qgIm-6oCQvuqAnf8qgIeBqsCZAerAjkKqwLeC6sC5wurAkgMqwLiDasCuxCrAs4XqwJjHKsCfRyrAvYfqwJdIasCDCOrAh4jqwJuI6sCDSarAt8mqwIrKKsCVCirArEoqwLqKKsCWimrAngqqwL7K6sC_iyrAiAuqwLkLqsC-C6rAmYvqwJvL6sC6y-rAqAwqwIXMqsCXzKrAmAyqwJ8MqsCKTOrArMzqwKcNKsClDWrArg1qwLiNqsCojirApc5qwKsOasCODqrAr07qwINPKsCEzyrAnc8qwKMPKsCjzyrApE8qwK0PKsCqD2rAus-qwIvP6sCST-rAk4_qwKdP6sCh0CrAjdBqwI9QasCWEGrAqFBqwLaQasC80GrAjhDqwI_7QUDmjr6A_V0JARkN2EEVLLFBclYEwoD558Lz5P7EhXI-xKYzfsSlPb7EvwA_BKKAfwSNgL8ErYC_BLbAvwSpQT8EugE_BKSBfwSjwb8EsIH_BLPB_wSsPUDFfdWaxpqy7UuRxsHag&awbid_c=AKAmf-BxbvKhy894D_NGioRU_g1O80JZumQP7p0m6UneKWcBwoQ5Z9srhvLVhqyXHfjvs3GZQc07oB9OAUjkNQ1Bq9MXFcoUpaHGBZYyT2RiS5Mug35yVOh48hBuulj87R37iKujctZfHwj7CjvyesFebQpj13S6vMKgcX6-AtFFWn42HXoLOwqjimqh-S3DNgsuWcMgsRE9&awbid_d=AKAmf-AN3oTflBuJUJIXgdW3rJKfyHMmg08xUtjMhnOgDHX2B2fuiVy9cDidUHtmINkkKhbzILf2y2_3nu0OM_DSiTEZnlqdOxaQ7IYaG825xG2V2oPf6jO8q-UU1yzCCaZzFFSklah7hLvqg-puJheMDG10OFM-n_2JByk6Nav71EmGvmS6BT_6fDq4ADkuFKnIJl-C65rTbvJA9PXm7VsciMNvJq7cEyr2Bs6Tz_AuUOZLbk5Ah0CzuLuEcA3EXQqxHRqnpBneENGTuNVY93oe8I7QAZ2_uEqGltGK4NrA4FQrLp-P8qKP6s8xSE8ShPu4gob7kSyjW8hfWVXRFi3h7347ohhe9CptROiUuyDq-_BYi3OVWIYGsKWkgFx11AUGX5UTQYILxNvm0FKKw6i_K_QBYq_aPQtBaRJsQFDfD-rjALSUgicnFYA1WC2T5WFewFN9ViAvGAM860h8q65Q2uhMLPkk3o8OwfeMSjiFpnjCInFCMXjuUtRkOvA3GUjgxMoF54J0FtSGuefHjtvTl42f7LWiRM7IYnYmP3Mz2dafbdcXHgjV7UdjetEQi_VTOddiRZlsLnT9BiIqIadhbTQz_aBfMQRGFWxT2wLePLwQvMh5mCs2gTT5C223P3Y0szsmFpf5dk7wIPnmsYAvMI5DmsFeEXHveWTrnYGk3MXbKTJV9PEFyusWUG6XqLQKwcjm6uZ6DS37hYvhE6NXr07LNdxGFdCfq0fIwgCa0AdK1O9ejXtj2m5-Qs1GWEg-aMwGLDEPXsh6Eefap12goZsPZU7KzoUDJIsBk3SpRNshTQ2TymeftU-riRdA2-T4som3zwKYWwH_26dClZu_RPg6lSDLD0kzkImswVhFV5P7PUfvUyVjadKeZybXZsxmfjR2HSW7&cid=CAASBORoZVQ&exk=458091768&rfl=https%3A%2F%2Fplo.vn%2F&a_pr=13:Y2r-1AAAAAD6Pgxgy1lSFy3CXgpAsHVq0FRQPw
Frame ID: 013666A456764A81AA0AE10E6E4FF784
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=plo.vn
Frame ID: 5848A4F9D53718CA50E5638C6010A365
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: 8913349E564C3BF31EFEE5222DA7BCF6
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7617C329784C3B71B5834A8759FF626D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A669B1355E469C9E2E4D6BCB0C9C6720
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 0558C72F86871DCE02B17DA73CC5386A
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 17CFFA0655046749AA95A3FE7D6DE5FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EFE4524DC1E1DFB0A74F893064A00B17
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E240A483512ACA64696038441FDCAA1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Báo Pháp Luật TP. Hồ Chí Minh

Page URL History Show full URLs

http://plo.vn/ HTTP 301
https://plo.vn/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

199
Requests

93 %
HTTPS

42 %
IPv6

43
Domains

63
Subdomains

52
IPs

10
Countries

2443 kB
Transfer

5719 kB
Size

24
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://quangcao.plo.vn/
Title: Liên hệ quảng cáo

Search URL Search Domain Scan URL

URL: http://congdvc.catphcm.bocongan.gov.vn/
Title: Dịch vụ công CATP

Search URL Search Domain Scan URL

URL: https://kynguyenso.plo.vn/
Title: Kỷ nguyên số

Search URL Search Domain Scan URL

URL: https://www.facebook.com/phapluattp.vn
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCp6PchFsCg582xw6gEjpzVA
Title: Youtube

Search URL Search Domain Scan URL

URL: https://tv.plo.vn/

Search URL Search Domain Scan URL

URL: https://tv.plo.vn/luat-va-cuoc-song/
Title: Luật & Cuộc Sống

Search URL Search Domain Scan URL

URL: https://toamtoimo.plo.vn/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=io.appfast.baophapluat.android

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id1492224264

Search URL Search Domain Scan URL

URL: https://tinnhiemmang.vn/danh-ba-tin-nhiem/plovn-1625727762

Search URL Search Domain Scan URL

URL: https://datbao.plo.vn/
Title: Đặt báo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://plo.vn/ HTTP 301
https://plo.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://tag.adbro.me/tags/ptag.js HTTP 302
https://cdn.adbro.me/ptag.js

Request Chain 142

https://oajs.openx.net/esp?url=https%3A%2F%2Fplo.vn%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fplo.vn%2F&rid=esp&cc=1

Request Chain 145

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Request Chain 147

https://um.simpli.fi/gp_match?google_gid=CAESEEdp8rArFBA--ObrTvvOwLg&google_cver=1&google_push=ASkJ3FZj0WjlIhWWl9IDXqqkaAYrClcoATPQ86XSBPewWZvL6pmejVxSVlznK6Zd4jI475GiTh6Z89nPw1KyStsN9_JkXwF7D7BQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9F3816E9D783436C84BD9BBAB694995D&google_push=ASkJ3FZj0WjlIhWWl9IDXqqkaAYrClcoATPQ86XSBPewWZvL6pmejVxSVlznK6Zd4jI475GiTh6Z89nPw1KyStsN9_JkXwF7D7BQ

Request Chain 148

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO62gQPdIRys5PV66yUlwkk&google_cver=1&google_push=ASkJ3Fb77e-EZFwMSYjof3FGAIxZ7m_TTPmAfPC3SPODztsd9DbkzbVrhH_qLm8t1pZzC7j8shuIxbiBLhxzwY5nkTvm7xsIRdwG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzgxODM0Mzc4OTQyNjgyOQ%3D%3D&google_push=ASkJ3Fb77e-EZFwMSYjof3FGAIxZ7m_TTPmAfPC3SPODztsd9DbkzbVrhH_qLm8t1pZzC7j8shuIxbiBLhxzwY5nkTvm7xsIRdwG

Request Chain 149

https://ads.travelaudience.com/google_pixel?google_gid=CAESENePNxphI4EG-tvLsoW9aBU&google_cver=1&google_push=ASkJ3FbCVZAnkpthNi4IJCQZebTR4zUs6u2Sq6y4mOg3iC0jQqsAVPF9n6JhSI7DAmAyuUasS6PIDhKjFJlfpkJzAkzLyEeD9tJb HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WcAFgfBxSbW0gsyEQ8xqsg2&google_push=ASkJ3FbCVZAnkpthNi4IJCQZebTR4zUs6u2Sq6y4mOg3iC0jQqsAVPF9n6JhSI7DAmAyuUasS6PIDhKjFJlfpkJzAkzLyEeD9tJb

Request Chain 150

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC-t8o1lfWZNRQaSB0rev08&google_cver=1&google_push=ASkJ3FYjHIUTZIl0i2hxcmSfvdTphWZNInKGCwFoEyOK-R-HtMhYA8WorQcfDF85wPlbeB_E9BjxMiIyObg3-k5OFnyzUY0wJdm1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYjHIUTZIl0i2hxcmSfvdTphWZNInKGCwFoEyOK-R-HtMhYA8WorQcfDF85wPlbeB_E9BjxMiIyObg3-k5OFnyzUY0wJdm1&google_hm=Nzg0NTM2OTc3Nzc3NzExMDQw

Request Chain 151

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF_uWo6deuKqERFooNgLuKY&google_cver=1&google_push=ASkJ3Fari0yNudQ7pu8tub7M7jSkl20CkEj8EQJeW30Zfy_rNodVkzh4bAuViFPOJ0JCCAnR1M87IP57gGfa00KH6m3e12amA-g7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4WTczRlQtSC1MMzdE&google_push=ASkJ3Fari0yNudQ7pu8tub7M7jSkl20CkEj8EQJeW30Zfy_rNodVkzh4bAuViFPOJ0JCCAnR1M87IP57gGfa00KH6m3e12amA-g7

Request Chain 153

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGuemoYEcSXKZfQ-gQSifAM&google_cver=1&google_push=ASkJ3Fa7kKdSobuCSj8furIZWfOOfceaH0jThfI4kXBCa44x5RmHB8HLHMWVkuN1NIbjMxXdJB-5_kuPkaB2Lz1l1Q8EMedF-TvhuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3Fa7kKdSobuCSj8furIZWfOOfceaH0jThfI4kXBCa44x5RmHB8HLHMWVkuN1NIbjMxXdJB-5_kuPkaB2Lz1l1Q8EMedF-TvhuA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 164

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2r.1P6iWcxtSCeZt6TqpQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBo5BAyyPy1xPwBIiqBZ7KM&google_cver=1&google_hm=2

Request Chain 167

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y2r-1P6iWcxtSCeZt6TqpQAABIAAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y2r-1P6iWcxtSCeZt6TqpQAABIAAAAIB&dcc=t

Request Chain 169

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1668042836&gdpr=1

Request Chain 170

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=8LChd6Dm8yLr568mpbC6JKe3pifru6ZypeJjlZ4I

Request Chain 175

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

199 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
plo.vn/
Redirect Chain

http://plo.vn/
https://plo.vn/

184 KB
31 KB

639ms
212ms

Document
text/html

42.119.138.4
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.119.138.4 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 60a562c712c085e30428843d0c0fa06b27eaa66b08d0a85d87b85be35bf86b5a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3
cache-control: Private
content-encoding: gzip
content-length: 31710
content-type: text/html;charset=utf-8
date: Wed, 09 Nov 2022 01:13:54 GMT
server: Universe
vary: Accept-Encoding
x-cache-status: HIT
zsurrogate-key: plo_home_0

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: Private
Connection: Keep-Alive
Content-Length: 0
Location: https://plo.vn/
Server: Universe

GET
H2 200 main.min-1.3.1.css
static-cms-plo.zadn.vn/v3/web/styles/css/ 386 KB
63 KB 847ms
213ms Stylesheet
text/css 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 939ace9629a53d60de167ee6e0b9102175034a862021ed00c2b6febc93cc13d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 01:13:55 GMT
server: Universe
age: 4022535
x-cache-status: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 64471
expires: Tue, 07 Feb 2023 01:13:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LRBCS8D716

Requested by

Host: plo.vn
URL: https://plo.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27197bc78f713559d09be70f7c08c0554479827fda911b3ceb0100f363408edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76518
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Nov 2022 01:13:54 GMT

GET
H2 200 analytics.min.js Show response
static-cms-plo.zadn.vn/v3/web/js/ 4 KB
2 KB 214ms
213ms Script
application/javascript 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: d1dd75679c31a908f45f780b1642556347aca808e411c1e093b160a9523865d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 01:13:55 GMT
server: Universe
age: 4658442
x-cache-status: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 1597
expires: Tue, 07 Feb 2023 01:13:55 GMT

GET
H2 200 ads Show response
plo.vn/ 17 KB
5 KB 207ms
207ms Script
application/javascript 42.119.138.4
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://plo.vn/ads?object_type=2&object_id=0
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.119.138.4 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 82d59d4a67f05087d33fcdd3840c7dcca55001e982da11856c3060d6ae68ebd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:54 GMT
content-encoding: gzip
server: Universe
age: 331
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: Private
accept-ranges: bytes
zsurrogate-key: plo_ads_zone_0
content-length: 4731

GET
H2 200 w-p2-chinh-nhompv-quochoi-ttam-2611.jpg
photo-cms-plo.epicdn.me/600x360/Uploaded/2022/jqkpcgmv/2022_11_08/ 47 KB
47 KB 1586ms
854ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/600x360/Uploaded/2022/jqkpcgmv/2022_11_08/w-p2-chinh-nhompv-quochoi-ttam-2611.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 4aacca831b83a96f72fa732f558a165cec229e6e239f5f7916368096542a5203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 48325
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 w-p10-bai-chietkhau-9026.jpg
photo-cms-plo.epicdn.me/100x100/Uploaded/2022/jqkpcgmv/2022_11_08/ 5 KB
5 KB 1586ms
855ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/100x100/Uploaded/2022/jqkpcgmv/2022_11_08/w-p10-bai-chietkhau-9026.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: ea20eed57698c827bf91d418799bb44a4555205a47d1a3e311f88fe1760b5d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 4679
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 p8-hinhbai-as-9984.jpg
photo-cms-plo.epicdn.me/100x100/Uploaded/2022/bzivpwiv/2022_11_08/ 5 KB
5 KB 1413ms
682ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/100x100/Uploaded/2022/bzivpwiv/2022_11_08/p8-hinhbai-as-9984.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: b39a106e9535a62335ef4f368939590cb494b1b758e3b8995d38dd2c97391932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 4677
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 dai-bieu-to-lam-2402.jpg
photo-cms-plo.epicdn.me/100x100/Uploaded/2022/bpivpbiu/2022_11_08/ 4 KB
4 KB 1413ms
683ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/100x100/Uploaded/2022/bpivpbiu/2022_11_08/dai-bieu-to-lam-2402.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 75e1288eafccec8fc086d1e37b792630fc9d957f21ff8dd3b252e806148e47d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 4123
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 gia-xang-dau-7218.jpg
photo-cms-plo.epicdn.me/100x100/Uploaded/2022/viuoqivo/2022_11_08/ 5 KB
5 KB 1584ms
854ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/100x100/Uploaded/2022/viuoqivo/2022_11_08/gia-xang-dau-7218.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 60b62ddffe030af02554bb5ee400e37c03f997e4c4835d3c26d3a9587fbf0da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 5170
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 p14-1640.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/bzivpwiv/2022_11_08/ 19 KB
20 KB 1584ms
854ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/bzivpwiv/2022_11_08/p14-1640.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: b4929317f257459f37698da16005c69abc0f5d8e282aef5436ac36de42c6154f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 19914
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 infographic-vi-tri-di-tich-tuyet-dep-ha-noi-nam-o-dau-tren-ban-do-2022-11-02-2535.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/cqdhcajwp/2022_11_08/ 15 KB
15 KB 903ms
213ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/cqdhcajwp/2022_11_08/infographic-vi-tri-di-tich-tuyet-dep-ha-noi-nam-o-dau-tren-ban-do-2022-11-02-2535.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 1ad5e29f418f9b90633a32e4010db0cd4d96d628ce221e82fcb405cc5ef75941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 15144
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 15-chon-ghe-891.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/bzivpwiv/2022_11_08/ 18 KB
19 KB 1545ms
855ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/bzivpwiv/2022_11_08/15-chon-ghe-891.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: ab833b47fa1778ca94f2b4707d533e159c19509af1f5626920ee3ddc139f8c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 18939
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 w-p12-tinh-nghia-nguoi-sai-gon-h1-814.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/jqkpcgmv/2022_11_08/ 26 KB
26 KB 700ms
214ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/jqkpcgmv/2022_11_08/w-p12-tinh-nghia-nguoi-sai-gon-h1-814.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: d75efe3c426c5e94a80e09a4b0e3e18d9af010e51bdca23cd53edce34eca0287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 26885
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 p11-hang-hoa-nhap-tu-han-quoc-4324.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/jqkpcgmv/2022_11_08/ 27 KB
27 KB 955ms
469ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/jqkpcgmv/2022_11_08/p11-hang-hoa-nhap-tu-han-quoc-4324.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 50300fe1323a1df90d71d6469548d25ef180a9040f2b06290b00614251c2c236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 27520
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 p16b-201.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/bzivpwiv/2022_11_08/ 11 KB
12 KB 699ms
214ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/bzivpwiv/2022_11_08/p16b-201.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 91a408b712315c33bf225c02e50887bb8cee29fe1de1f51a36812bab3e3f6c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 11690
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 main.min-1.5.6.js Show response
static-cms-plo.zadn.vn/v3/web/js/ 188 KB
58 KB 635ms
214ms Script
application/javascript 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cms-plo.zadn.vn/v3/web/js/main.min-1.5.6.js
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 7b4640e152dbb51406fa94da8fe5738fc94366101b505f6f372aebf9510039be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 01:13:55 GMT
server: Universe
age: 2817299
x-cache-status: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 58919
expires: Tue, 07 Feb 2023 01:13:55 GMT

GET
H2 200 ad Show response
ad.vietbao.vn/ 18 KB
18 KB 1358ms
394ms Script
application/x-javascript 118.107.68.21
VTCDIGICOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vietbao.vn/ad?w=1004
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 118.107.68.21 Bac Ninh, Viet Nam, ASN38726 (VTCDIGICOM-AS-VN VTC DIGICOM, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 46bb0ac0f149c7ff79caf4d68734fa5fd5f73ea15a3561c88c7bf6ebc41e7bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://plo.vn, *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, soapaction
content-length: 18004
expires: -1

GET
H2 200 sdk.js Show response
sp.zalo.me/plugins/ 105 KB
30 KB 626ms
212ms Script
text/javascript 49.213.114.132
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.zalo.me/plugins/sdk.js

Requested by

Host: plo.vn
URL: https://plo.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

c027ebd1c4192b5327c3194990a711b4081ea32a118e16f0d16a82f731ab3368

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
server: za-ngx-srv
etag: cbc6013bb2eeee269197cfbcfe0d1818--gzip
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: plo.vn
URL: https://plo.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 7081
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 09 Nov 2022 01:15:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
54 KB 60ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1043614943751447

Requested by

Host: plo.vn
URL: https://plo.vn/ads?object_type=2&object_id=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3208e822b36b43e19f1fa7511ff577ef39a3b538bbecbf72b692062a2435c8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
Origin: https://plo.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55189
x-xss-protection: 0
server: cafe
etag: 6805891528793626202
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 01:13:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
55 KB 58ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7890292143716709

Requested by

Host: plo.vn
URL: https://plo.vn/ads?object_type=2&object_id=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59f1545c956749f310db159a3b9443b11b50184d03b36c268734d886336e01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
Origin: https://plo.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55343
x-xss-protection: 0
server: cafe
etag: 15991071559279000581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 01:13:55 GMT

GET
H2 200 text-link.js Show response
lamthong.net/plo-ads-text-link/ 230 B
760 B 49ms
15ms Script
application/x-javascript 2606:4700:3034::ac43:b35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lamthong.net/plo-ads-text-link/text-link.js
Requested by: Host: plo.vn
URL: https://plo.vn/ads?object_type=2&object_id=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 191ec7ee596a341b70d131a88f99ed428c69240f95592d0fa24bbb6a2ad5df14

Request headers

Referer: https://plo.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 338768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 12 May 2022 03:21:00 GMT
server: cloudflare
etag: W/"e6-627c7d1c-8ba7807ed44c3e8d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yn33A6ZAbDplJlHstDfOphCL5UlFZErL7hzpVfyVHqErYUU4hZX%2Fbm7UrnkZw7icUdlOyOj7yriYpMeFbufUqNKfY4%2BfDk9niuyBpMnvFylXIw5lE0egD6s%2B6iQurPp9%2FG80CzJPBFBJc6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7672b04bc8db9c0c-FRA
expires: Sat, 12 Nov 2022 03:07:47 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
341 B 54ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LRBCS8D716&gtm=2oeb70&_p=553334027&cid=190760212.1667956436&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667956435&sct=1&seg=0&dl=https%3A%2F%2Fplo.vn%2F&dt=B%C3%A1o%20Ph%C3%A1p%20Lu%E1%BA%ADt%20TP.%20H%E1%BB%93%20Ch%C3%AD%20Minh&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRBCS8D716
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plo.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 text-link.css
lamthong.net/plo-ads-text-link/ 2 KB
795 B 19ms
15ms Stylesheet
text/css 2606:4700:3034::ac43:b35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lamthong.net/plo-ads-text-link/text-link.css
Requested by: Host: lamthong.net
URL: https://lamthong.net/plo-ads-text-link/text-link.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df6ae6b429c3ac95fca89e849f94af4e386ed765687fe38aabbc75de212055d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 335019
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Jun 2022 02:57:45 GMT
server: cloudflare
etag: W/"660-62a01029-4a18c588820a820d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBUrpSCQ%2B9cEC8bo7eSM9YM1fp3cYXxXCzqSi6MqaXsYeFYNodz%2Bmy9kW4XJYuAaub1cGKBtUcsDwZ9otmoKkxYEZekHahrfGr35G9Ih70AnWD5LDrO0LHNwysQnHi7KwJuYhWa10b9KdL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7672b04be8f39c0c-FRA
expires: Sat, 12 Nov 2022 04:10:16 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 logo.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 3 KB
3 KB 213ms
213ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/logo.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 3685b6b1c0b6bfe474653625f3b66e47a7fbf5be3436e13e9059f90fab7fb699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
last-modified: Wed, 09 Nov 2022 01:13:55 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 3279
expires: Tue, 07 Feb 2023 01:13:55 GMT

GET
H2 200 bell.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 320 B
434 B 216ms
214ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/bell.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 4168a2c525379d43f6f3cbbddae374bdc37d37b574d25686a35f59217ff23dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
last-modified: Wed, 09 Nov 2022 01:13:55 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 320
expires: Tue, 07 Feb 2023 01:13:55 GMT

GET
H2 200 heart.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 342 B
457 B 217ms
215ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/heart.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: fa7660516acc86f819003d6cd303c45c2feb0a584c0397dfdbe44289f3bba5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
last-modified: Wed, 09 Nov 2022 01:13:55 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 342
expires: Tue, 07 Feb 2023 01:13:55 GMT

GET
H2 200 layers.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 313 B
428 B 217ms
215ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/layers.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 55f5d35dd901cf370a61e3f4c742e8d6557d8ccbf9f625b2d3f9cf02eb437c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
last-modified: Wed, 09 Nov 2022 01:13:55 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 313
expires: Tue, 07 Feb 2023 01:13:55 GMT

GET
H2 200 globe.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 369 B
484 B 218ms
217ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/globe.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 771abd1add79f1f2fd45efbd6dd1d701d34cb084d3aa9d0c5ad995b5eee52e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
last-modified: Wed, 09 Nov 2022 01:13:55 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 369
expires: Tue, 07 Feb 2023 01:13:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 91ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: plo.vn
URL: https://plo.vn/ads?object_type=2&object_id=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26611e4f579c7c6d9bd06c96e10d7780c5da29037b9ac1571a4b953f27b5fd31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27322
x-xss-protection: 0
server: sffe
etag: "1388 / 153 of 1000 / last-modified: 1667948827"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Nov 2022 01:13:55 GMT

GET
H2 200 phone.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 335 B
450 B 343ms
342ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/phone.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 5e824867389e54de7dc9a3c5a8086f4fbd7d7d8598ab42f081d9a08423fb4f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 335
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 search.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 319 B
434 B 342ms
341ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/search.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: afa3c99acd2d860dd8b8d1e3f0eedccba616050b362fd4edeaa051d152e51fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 319
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 facebook.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 270 B
384 B 342ms
340ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/facebook.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 79a5ceca1bf60ca91ea20aeae9f5feafa095caf6eb166ec64d9a19b332c01435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 270
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 youtube.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 337 B
452 B 343ms
341ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/youtube.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 32ef4a5b240ee0499db963bf021ea260a035db0a7bca533f08c4d1c72f27f990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 337
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 icon-home.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 293 B
408 B 343ms
341ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/icon-home.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: a6a415d4ac9990d32cac3107c7b4322156955f658913c4755fba324bcafcb516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 293
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 icon-camera.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 344 B
459 B 342ms
341ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/icon-camera.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 6b6550b2f9fea7e304ba67d5eb389e2c58e9995148ca4045316dfac53bb3b3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33306502
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 344
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 icon-info.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 463 B
578 B 343ms
343ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/icon-info.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 46deb0623af013caf381468bd57b38a1535d4822f9cc5bcdedccd1101d1b8d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312004
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 463
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 logo-TV.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 4 KB
4 KB 342ms
342ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/logo-TV.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 9099f8317b15d14ca7249548938140253564acd4952f12d731fdae462431a5ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 4203
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 play.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 382 B
497 B 344ms
344ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/play.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 1c1271f22186320e080f0246fdc22aac3bc86ca864020f4c9b276595f617ef40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 382
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 story.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 538 B
652 B 341ms
341ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/story.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: d9f6ec62a4ed1b9b7405cce8ca1c9c95661c3850e132e952739993412687e604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 4013043
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 538
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 icon-longform.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 433 B
548 B 341ms
341ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/icon-longform.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: dd2ad0156905a8daf33187224b46ca38b4aab45601413b54968ef4427b5bf45b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 32810867
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 433
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 HeraBig-Black.ttf
static-cms-plo.zadn.vn/v3/web/styles/fonts/ 237 KB
238 KB 684ms
226ms Font
ttf/x-font 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/fonts/HeraBig-Black.ttf
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 3f899da194038dcec12f8f8c7a988bee7674734e73381071e0a5c8966e55aebb

Request headers

Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Origin: https://plo.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312369
x-cache-status: HIT
content-type: ttf/x-font
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 242864
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 icon-video-ver2.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 277 B
392 B 313ms
313ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/icon-video-ver2.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 90b2fd3c547ae634192953c8b82fa5c93eaf956e03afb06e340e3c51c7cdb72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312004
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 277
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame CEF3 47 KB
17 KB 100ms
81ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fphapluattp.vn%2F%3Ffref%3Dts&tabs=timeline&width=300&height=332&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1583514341961894

Requested by

Host: plo.vn
URL: https://plo.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e78415cad6e6fa06204a916a2f7ba7ff868c6b7a0cf3e564c75e69b8011c4d05

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 09 Nov 2022 01:13:55 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: FwUdb0bZVg613YEFde8536QtQn9X4Kg7UElXZ/WgaAS6O0yETZF4BBK2OKHjoPMWk/46nGWNMmI2epoE2ElHIw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 btt.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 193 B
308 B 276ms
275ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/btt.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: d23360aa9771de578d1901f1418e1d873402c915cc8c34895c16b7769f3098f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 193
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 fanpage.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 2 KB
2 KB 276ms
275ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/fanpage.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e8731e19e71723ddefa89250fe22f1f9dc976998ae6bc820816b8559b9de2d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 1589
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 app-androi.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 12 KB
12 KB 276ms
275ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/app-androi.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 71a90c5ef1ee46ece2287dc6ac982c3a179ebca258777c19246f6289bab0511c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 12339
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 app-ios.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 8 KB
8 KB 276ms
276ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/app-ios.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 783a1d660f81daddf7e3e8bc45d3282db7530043d6c73308dc7820579a8ff0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 7972
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 bank.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 2 KB
2 KB 277ms
276ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/bank.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 44f2a78da269d911d91a070b1bbadbf9fcc73ace74fac2ab9576aa4b7e5db139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 2344
expires: Tue, 07 Feb 2023 01:13:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 43ms
18ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=553334027&t=pageview&_s=1&dl=https%3A%2F%2Fplo.vn%2F&dp=%2F&ul=en-us&de=UTF-8&dt=B%C3%A1o%20Ph%C3%A1p%20Lu%E1%BA%ADt%20TP.%20H%E1%BB%93%20Ch%C3%AD%20Minh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1426645195&gjid=82036442&cid=190760212.1667956436&tid=UA-43897759-1&_gid=851549380.1667956436&_r=1&_slc=1&z=1040860873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://plo.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plo.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/ 402 KB
128 KB 55ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_with_ama.js?client=ca-pub-1043614943751447&plah=plo.vn&bust=31070785

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7890292143716709

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

426469345a2bfdeedeab9cc9cffd0bfb8ed70bf190a054310b78b3202f58a3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130686
x-xss-protection: 0
server: cafe
etag: 4180296938010459581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 01:13:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 8C5A 10 KB
5 KB 38ms
9ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7890292143716709

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 12:07:41 GMT
etag: 2424782735605397694
expires: Tue, 22 Nov 2022 12:07:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
436 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-43897759-1&cid=190760212.1667956436&jid=1426645195&gjid=82036442&_gid=851549380.1667956436&_u=IADAAEAAAAAAACAAI~&z=962418897

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://plo.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 01:13:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plo.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 time Show response
plo.vn/api/tools/post/ 79 B
166 B 215ms
215ms XHR
application/json 42.119.138.4
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://plo.vn/api/tools/post/time
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/main.min-1.5.6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.119.138.4 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 2a2e9346be0cc64818d83a599ecf2aae5879529aee3588db66bd71f758ec1539

Request headers

Accept: */*
Referer: https://plo.vn/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 0
x-cache-status: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: Private
accept-ranges: bytes
content-length: 79

POST
H2 200 info Show response
plo.vn/api/accounts/post/ 111 B
170 B 212ms
211ms XHR
application/json 42.119.138.4
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://plo.vn/api/accounts/post/info
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/main.min-1.5.6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.119.138.4 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 0a1b0b6c66c8084f6e540dd5815a03328f60998722e0e4746f7adc745b2a1ebd

Request headers

Accept: */*
Referer: https://plo.vn/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 0
x-cache-status: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: Private
accept-ranges: bytes
content-length: 111

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ptag.js Show response
cdn.adbro.me/
Redirect Chain

https://tag.adbro.me/tags/ptag.js
https://cdn.adbro.me/ptag.js

106 KB
31 KB

34ms
18ms

Script
application/x-javascript

2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adbro.me/ptag.js
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 69e3d3e5b711f872238cf2f3b04df1eddb9f5430656080c19d5d8b8292017b94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 12722
cf-polished: origSize=137060
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Nov 2022 17:38:58 GMT
server: cloudflare
etag: W/"0e5dfb98f3d81:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7672b04dfde5bbf5-FRA

Redirect headers

date: Wed, 09 Nov 2022 01:13:56 GMT
server: cloudflare
vary: Accept-Encoding
location: https://cdn.adbro.me/ptag.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7672b04d5d44bbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 znv9jks6.js Show response
tag.adbro.me/configs/ 1 KB
1 KB 44ms
14ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/znv9jks6.js
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02262a4db41927336604e65fe2616cd891caed73b7225c1993005b616191de5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 555
cf-polished: origSize=2199
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 03:40:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: b34adce3-901e-012d-2422-d2fb03000000
cache-control: max-age=7200
x-ms-version: 2009-09-19
cf-ray: 7672b04d5d45bbf5-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 38ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: plo.vn
URL: https://plo.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0374f3fe6e40e582b903e3bddda916b72f1443db55e064b85a1f1133ad3464a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 01:13:56 GMT
content-md5: 5xjxpqWaJTJSKUzffGP0UA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: /fCt5E7p1Zbn04oL+A9c5a0+mEgY6m4EJ74pnqRG94bgG16RShSjOFvML+2EZ6jhv+3hxShTlIHbS72bXyNbJg==
x-fb-trip-id: 917726464
x-fb-content-md5: 96671ac2af460d67f051d55c9ad75cbf
cross-origin-opener-policy: same-origin-allow-popups
etag: "29de40a147ddafa038f28077e060dc5a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Wed, 09 Nov 2022 01:30:43 GMT

GET
H2 200 f4wCikaN3ld.css
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/ Frame CEF3 19 KB
5 KB 31ms
8ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/f4wCikaN3ld.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fphapluattp.vn%2F%3Ffref%3Dts&tabs=timeline&width=300&height=332&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1583514341961894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b748cca0969a746acf4ef67beb755467ce57f5356e79459b90213a493d4e8d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SV7QV4Q2sycfjbUuNW8EOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4983
x-fb-rlafr: 0
x-fb-debug: 91RWTX9/Okb8PYP2FiebCKJH/pzDtewMf8ijIBCe1j93O5N/lwkbmHGm5cYqkBvIRsocqKTdePQF1KyrfGZHFg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 08 Nov 2023 18:01:13 GMT

GET
H2 200 5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame CEF3 2 KB
1021 B 31ms
9ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qp62alFG777So/ro/wbkaA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 829
x-fb-rlafr: 0
x-fb-debug: nMh/sgdVuLp0ZxfHFkRUUirUOMdjt1rq9mLzGbzqd5cNkGHTvpJH96Jn1+nLD5wSYUIBON0cs6lV/fAMjqaUdw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 03 Nov 2023 18:49:24 GMT

GET
H2 200 xUCu69_VoIG.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame CEF3 6 KB
1 KB 32ms
10ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G4bSvzLG2IH4kVzNTn3U6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 871
x-fb-rlafr: 0
x-fb-debug: qWomoizgm+2F/7vIcYfNFeKMWg9JDn9Ysn6exUfMKMQ7Xkw22kn9Y6nVwwc1gR0bxynzKginl9Iqg2ZzQl0rBw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Nov 2023 17:16:10 GMT

GET
H2 200 BlEbFnvXdO-.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame CEF3 323 KB
87 KB 32ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29cb46aa7e5b570fbffc16785a4ee48a69628958f516099c054937f0b0232d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DXV8Y4Klcg7V1MIbZWzN+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88904
x-fb-rlafr: 0
x-fb-debug: X4H81Eex3jeL0j0n+I2vPcUwXG4Sxpeub9rRHO+binq/bb97wAiXUfmLiDlSkrvSzvdVqDmQO6Zv8c+HSy18fQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 08 Nov 2023 01:19:12 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame CEF3 5 KB
2 KB 32ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: jSVznBo6yLO/z9xucYfRXgzZv0GadshjTxNCOrfWU7E7j7vEHJdNMqm/66CsLEhreQKXHp5+TRSSh3+VFfET3Q==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Nov 2023 22:45:13 GMT

GET
H2 200 8LoDHCcRMmF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame CEF3 38 KB
12 KB 32ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f28bb67943d02b75ca344e7d7403636d1174bbf9af444c11d4a0fd5cc0f8da0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12369
x-fb-rlafr: 0
x-fb-debug: 0F5PEpd5M8FwW3GPIfX/TUugYqMZQFf5hfKZeHH+bLBlnktfYFlAo+Mq1zwMU8gT35951sxDi+7lAHPjTWGT8g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 08 Nov 2023 14:58:16 GMT

GET
H2 200 ojzICpVg5Kb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame CEF3 52 KB
16 KB 47ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

511bb2e3d878baab516a36f721819aa1c99a0e7ca1ffdaad02aaefdffbf87445

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wrD8MriTscJDs6J7zFeZzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16259
x-fb-rlafr: 0
x-fb-debug: Rfs3txVT8L4PNL+HS49+hMfdJcnyjahxnIwZd9NsGZoXJzHoalQ/K2wzkziyxjza3pAjm6OKuOMJYvFaYsPe4g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 05 Nov 2023 03:01:13 GMT

GET
H2 200 _jixirLUzY9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame CEF3 12 KB
5 KB 32ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41fe4c106f71de7b1c03731fb52d2ea632037c32c00f9c792c1827cd506c92c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: M65G+1ylWGuOtoTEQL394w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4455
x-fb-rlafr: 0
x-fb-debug: dhBy+0IB8NVbcAT7lX2lnoedhuNFgS1vrnmzw26XZvwx7Ddv1L2PjwNMr0I3QcnATJ81//z5/V44zv1svuTgmg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Nov 2023 18:49:52 GMT

GET
H2 200 SuHirPIqipH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame CEF3 26 KB
8 KB 32ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

461189520515f66d47ef4cf55e7b1b6eeeb50c209e2617f86fd1733ed169d7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DqoZelwBEBHhSJ9BGwQiSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8222
x-fb-rlafr: 0
x-fb-debug: voCBMyiJv2si+qCFhknmxHmDaknqd0dT0hESegMGQcDBrzKDPxlLrLO1BLWS4AiKrCqouQRBP6BR73tOm2hcrg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Nov 2023 18:49:24 GMT

GET
H2 200 SigIl-WfFaj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame CEF3 14 KB
5 KB 46ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15a4594f39269de6c199e97983676ed8454df2e6c1993bda495bab182b425fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LrYlIGQ0NWpWeMUYQcEZZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4647
x-fb-rlafr: 0
x-fb-debug: Rk6zrhGUi9V6Z5HiL5KZativzsDfHZzVpmcMHMgINXlrjCWcCmQ6cS/usOzy3BRTN3z8Uvv799/9/RzNCpkYPg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Nov 2023 20:56:52 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame CEF3 588 B
531 B 45ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dvWT6EJnf3PNCgYjKHSyww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 338
x-fb-rlafr: 0
x-fb-debug: RbR42HnHBsgfkDsHVLOEbM4ggElYJidCpPbguRLoshHSVVpbgEYpYAz1S3fK3CMBXIOgoZL3v2+AJIvkYkuiBA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 02 Nov 2023 21:27:14 GMT

GET
H2 200 9ceEMw7kTfT.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2aq4/yx/l/de_DE/ Frame CEF3 25 KB
7 KB 46ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2aq4/yx/l/de_DE/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9778d9bc81a3011b90d6e45944df383a02e112c1c2a31bd88626aa22fe657e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8kF2cuaqq9jf2P/EpWCxpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7101
x-fb-rlafr: 0
x-fb-debug: cq17NerOj5AFiKkkPMzcyQ9X2wohhPkoRV4yKmJGOEFR2gfff0KM9fZt4G/8bakgyHwQUjP97wOsiprfecseNw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Nov 2023 16:55:29 GMT

GET
H2 200 FelcvtA3NGC.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/ Frame CEF3 83 KB
23 KB 47ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/FelcvtA3NGC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

400a2c0ad45dc7bb4739f9888e8735f473e0dc3cbd3e8a721a55384666555689

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: b2PpVjK9ezlzh2dkfMWFew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23372
x-fb-rlafr: 0
x-fb-debug: WjomQO5dyZKzgmdSdcjcTfklZjOCWgrhuomJkSkyRI5qJrw5ANK86yK/99osAa+aSdR842Gjf+yn4QafKbj3CQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Nov 2023 23:43:43 GMT

GET
H2 200 oDVETVg4GJv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame CEF3 22 KB
7 KB 46ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0bpo8UawH0rvYNearbkm6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7236
x-fb-rlafr: 0
x-fb-debug: /rpqFpQsvM1DSUV7FGpC79hyS1igdH6kllM+qalr0guVcumbq0cIqgwFpEZoBbUlKOiKq/xdQR6z4SPVlMW9Yw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:39:14 GMT

GET
H2 200 xn8dTf1XVI9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame CEF3 393 B
462 B 46ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/xn8dTf1XVI9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3cc0172cea6b1e559341d15496ac37b50187a8f78732245c9e5eafab45e9388c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wii/9P3p2mF0orjq/hQd9w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 271
x-fb-rlafr: 0
x-fb-debug: aSfqnQYwXHTuMtvarhw44oyTqxzmmO0Si/rptf9wYR2hwhK+mw6VdYGvJZ0E+8l7Ew4mQTl4e5tosTm27AZARw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Nov 2023 22:38:24 GMT

GET
H2 200 271816189_2990683821243926_7130016975801255279_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t39.30808-6/ Frame CEF3 12 KB
12 KB 11ms
10ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t39.30808-6/271816189_2990683821243926_7130016975801255279_n.jpg?stp=dst-jpg_p118x118&_nc_cat=1&ccb=1-7&_nc_sid=dd9801&_nc_ohc=kECsX0DVpYQAX8cetpd&_nc_ht=scontent-frx5-1.xx&edm=ADwHzz8EAAAA&oh=00_AfCHZiP-8W3mbeK0bB-HbcEFF-iTEOsGYDl5nmoKE3D3pA&oe=63705948
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fphapluattp.vn%2F%3Ffref%3Dts&tabs=timeline&width=300&height=332&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1583514341961894
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c5be99f97fb45115073efa3587e760bb9b312d2d8ef859ebd7931201d6202741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

x-haystack-needlechecksum: 3844493653
date: Wed, 09 Nov 2022 01:13:56 GMT
x-fb-trip-id: 917726464
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 18 Jan 2022 04:58:38 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1926640175
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3120853395
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 11854

GET
H2 200 271756926_2990683551243953_8513313551920666881_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t39.30808-1/ Frame CEF3 2 KB
2 KB 12ms
12ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t39.30808-1/271756926_2990683551243953_8513313551920666881_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=HpGE5Y2a3UUAX9OY1rg&_nc_ht=scontent-frx5-1.xx&edm=ADwHzz8EAAAA&oh=00_AfCHGHOT8nLHwwglzCf6u_iAswWndrz_wRWtLSMRPhu_Ew&oe=63707DE4
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fphapluattp.vn%2F%3Ffref%3Dts&tabs=timeline&width=300&height=332&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1583514341961894
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 130bbd202ee48cf203f1df0aafcc77f595582b602bca45dbebd995c494b8d235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

x-haystack-needlechecksum: 312875602
date: Wed, 09 Nov 2022 01:13:56 GMT
x-fb-trip-id: 917726464
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 18 Jan 2022 04:58:02 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3904597820
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1224256109
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1810

GET
H2 200 log Show response
log.plo.vn/ 0
117 B 2522ms
214ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/log?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwicmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsInVybCI6Imh0dHBzOi8vcGxvLnZuLyIsInVybF9yZWZlcnJlciI6IiIsInVybF9mdWxsIjoiaHR0cHM6Ly9wbG8udm4vIn0=&r=0.5826194412334476
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 45ms
21ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-43897759-1&cid=190760212.1667956436&jid=1426645195&_u=IADAAEAAAAAAACAAI~&z=241202024

Requested by

Host: plo.vn
URL: https://plo.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 45ms
22ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-43897759-1&cid=190760212.1667956436&jid=1426645195&_u=IADAAEAAAAAAACAAI~&z=241202024

Requested by

Host: plo.vn
URL: https://plo.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arrow-left.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 205 B
319 B 214ms
214ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/arrow-left.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: d6c4e87c95c77ee93ae2d74214b2555f04138d9e63f108321186e84785a69a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 205
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 arrow.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 224 B
338 B 215ms
215ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/arrow.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 78b37c3280b5bec564df512700bdbf46521f69ed77e54d7c05c5b2332cc5da84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312368
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 224
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 weather.json Show response
service.baomoi.com/ 53 KB
7 KB 991ms
202ms XHR
application/json 118.102.1.120
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://service.baomoi.com/weather.json
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/main.min-1.5.6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 118.102.1.120 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software: WT_11.14 /
Resource Hash: a27722f4eb19bdf232ac33824c088d200b64988a5dabf56475d89681cb70ec66

Request headers

Accept: */*
Referer: https://plo.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
zms: 1152
server: WT_11.14
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 6857
server_time: 1667956436

GET
H3 200 pubads_impl_2022110301.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 22:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131019
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 08:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Nov 2023 22:13:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 922 B
302 B 39ms
20ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=plo.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c78ff3850e52955ecebd7eb0719ce993c805ef1c60aff68fb3a2e7a1cb217dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 277
x-xss-protection: 0
expires: Wed, 09 Nov 2022 01:13:56 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
689 B 75ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=plo.vn&callback=_gfp_s_&client=ca-pub-1043614943751447&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_with_ama.js?client=ca-pub-1043614943751447&plah=plo.vn&bust=31070785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db34c4763372b47f7d82ac77b93c905a6590fb676e5d224dd6a618f9974ef39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 77ms
21ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=plo.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 50ms
18ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=plo.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA4B 603 B
68 B 47ms
29ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1043614943751447&output=html&adk=1812271804&adf=3025194257&lmt=1667956436&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=209x900_l%7C209x810_r&format=0x0&url=https%3A%2F%2Fplo.vn%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667956435953&bpp=4&bdt=1682&idt=204&shv=r20221101&mjsv=m202211030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4953572121126&frm=20&pv=2&ga_vid=190760212.1667956436&ga_sid=1667956436&ga_hid=553334027&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070785%2C44775016%2C44777179%2C44776449&oid=2&pvsid=1018791201672485&tmod=1009839645&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 01:13:56 GMT
expires: Wed, 09 Nov 2022 01:13:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/vi_VN/ 301 KB
85 KB 24ms
13ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=162c178871ddd35845d8e5331ca719a1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66f72463bd52ae268a9f43c365db5eb74532ac27e254abcb780c3e12a40e82a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://plo.vn/
Origin: https://plo.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 01:13:56 GMT
content-md5: 2S51Ogb4f9aZYMZEtZZbAg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87030
x-fb-rlafr: 0
x-fb-debug: 4FShWSzn3jnhojM7FJhdi3lflJHiwMy81RfVX6VHxqfqpOnLCdJDqjNhdNKoecbu7Fn0MI8ZBczkHflfXRge8A==
x-fb-content-md5: 63dc4198e0d6d1ab4e03c29b6302f8ad
cross-origin-opener-policy: same-origin-allow-popups
etag: "e40534e292bf6b5541d9646dd68b0222"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Nov 2023 01:10:05 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
76 KB 54ms
30ms Script
application/javascript 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?_=1667956435985

Requested by

Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/main.min-1.5.6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ec7000aace2b3ee19e7d17ad2c8a9a7048ad229e720b2cffcb170ec0a8395f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O5WyNEkbx-Yd-6-6dAo1hQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-O5WyNEkbx-Yd-6-6dAo1hQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 09 Nov 2022 01:13:56 GMT

GET
H2 200 user-v2.png
static-cms-plo.zadn.vn/v3/web/styles/img/ 312 B
426 B 213ms
213ms Image
image/png 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/img/user-v2.png
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: cc83138bf06da125f0bfdbd946a9c75a8de73231aca18e73a70a4d46b47976a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
age: 33312369
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 312
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H3 200 qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame CEF3 3 KB
3 KB 20ms
8ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
x-content-type-options: nosniff
content-md5: iN31dShDArRt9ZikrDb13w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2616
x-fb-rlafr: 0
x-fb-debug: B9Fx5crFY0mvdr21obs1h0V3xLLmmDwO/sPmNJDRFBFNDTJV5ovndNcERMPwLo8tG0cR+ut44ekn2hljw4s9yA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Nov 2023 02:42:36 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame CEF3 573 B
628 B 18ms
7ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/f4wCikaN3ld.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/f4wCikaN3ld.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: 27qRep9cu+fdjI0PsTMYH1upn4Uk3wl9DHCmXEepRnMILNvDrA2hd8sSDZkkC0PiE1UYGoZRL6pPQ8IYUMeQ7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 Nov 2023 00:50:15 GMT

GET
H2 200 thumb-nong-118.jpg
photo-cms-plo.epicdn.me/700x420/Uploaded/2022/xqeioxdsox/2022_11_08/ 76 KB
76 KB 795ms
795ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/700x420/Uploaded/2022/xqeioxdsox/2022_11_08/thumb-nong-118.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: ad758f865e95e1b7a629639ddd2bf951d24fb81904550047ba769182afe2c27c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 78137
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 troyt-4743.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/wauiba/2022_11_07/ 16 KB
16 KB 795ms
795ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/wauiba/2022_11_07/troyt-4743.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: af51634dd92a135b5233227f736f0674900a72c4222a9f901b6f3a58f19c38f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 15911
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 cg811-6723.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/wauiba/2022_11_07/ 17 KB
17 KB 796ms
795ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/wauiba/2022_11_07/cg811-6723.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: a3c4214dfb9c716ae93172dd0b5cd594e9026c5de396dc8767525520021932bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 17259
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 5-2348.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/cqjwqcdwp/2022_11_07/ 27 KB
27 KB 796ms
796ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/cqjwqcdwp/2022_11_07/5-2348.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: aca4a5d60d530d119d41a49ae2c5aae46e0009fa93a4ee961e9e334744594a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 27890
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 1youtubefacebook00-00-01-11still001-5053.jpg
photo-cms-plo.epicdn.me/300x180/Uploaded/2022/xqeioxdsox/2022_11_08/ 19 KB
19 KB 796ms
796ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/300x180/Uploaded/2022/xqeioxdsox/2022_11_08/1youtubefacebook00-00-01-11still001-5053.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 46738425fafc7042b59a42c48257b639a122d749dfc9c9e82e8d79acf5d4f1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 19259
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H2 200 center-home-2053.jpg
photo-cms-plo.epicdn.me/Uploaded/2022/xpckxpiu/2022_06_09/ 93 KB
94 KB 796ms
796ms Image
image/png 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/Uploaded/2022/xpckxpiu/2022_06_09/center-home-2053.jpg
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 242a46fdc8b745c03c13f88a0af40ef698ca0f3e76abe4a0c0b723dcd41fb07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
last-modified: Wed, 09 Nov 2022 01:13:56 GMT
server: Universe
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 95578
expires: Tue, 07 Feb 2023 01:13:56 GMT

GET
H3 200 -_SqNk_VRkE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame CEF3 159 KB
47 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/-_SqNk_VRkE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b31df36a41395cd616e0d1c6230fc2bfff9546e039ce51f7dbe2feb96c29f251

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +1wpKvIRSZu6N691LUg7aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47769
x-fb-rlafr: 0
x-fb-debug: vQpb8fsUgbKI44+JjI4IwLLQxmWcOYe5H3XfpWN8PUCZQyoYZfQyXmau/Nh39mOaYRWS8p4aOYZ5hKHjhsWrLQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Nov 2023 21:53:23 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame CEF3 0
0

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame CEF3 951 B
587 B 50ms
41ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/FelcvtA3NGC.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d48602f9e7233ce605d34c391ec86a2621f984240f2bac446ec74f21e1c21db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: NECi85VIEGDWVIhfEBu_J6
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fphapluattp.vn%2F%3Ffref%3Dts&tabs=timeline&width=300&height=332&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1583514341961894
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 01:13:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ZmIjO3i2w5LfiYuRmV3k7zl6AR9cxYYKiikpBBwWp+DzeSPI3ZUkjEhjlpHsTDX9NPkp59lEVL7IvqivxopTVg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
15 KB 263ms
263ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1018791201672485&correlator=2947041434914050&eid=31070660%2C31070747&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=21622890900%3A22654205110%2CVN_plo.vn_pc_allsite_Right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2795064920&didk=1774169037&sfv=1-0-39&sc=1&cookie=ID%3D98241bf6e6adaa8e-227d16646ece0005%3AT%3D1667956436%3ART%3D1667956436%3AS%3DALNI_Ma0a0i7Tfr8KbI2HZ77mWpCuARrSg&gpic=UID%3D00000b7eb05db9e7%3AT%3D1667956436%3ART%3D1667956436%3AS%3DALNI_MZoj7DN8f7kbh8CypC1aN1knjo21A&abxe=1&dt=1667956436344&lmt=1667956436&dlt=1667956434272&idt=2053&adxs=1085&adys=495&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fplo.vn%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=190760212.1667956436&ga_sid=1667956436&ga_hid=553334027&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

141f7cfa2576b32a973e9b0cbc41b1ee209e2c6239187192a233d1bc6428754e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15705
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://plo.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 50F5 6 KB
3 KB 79ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 01:13:56 GMT
expires: Thu, 09 Nov 2023 01:13:56 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame CEF3 1 KB
1 KB 8ms
7ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/f4wCikaN3ld.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/f4wCikaN3ld.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: vhs0S+OsJZoH1RS939dZozqnUNmPWsNvVe0fR62CEFEQaV6MU+HnpUADDje0JiEkZy/J2vS4SUlWmmrEvJLVbA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 Nov 2023 00:39:48 GMT

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2374ms
381ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NjksInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWhpZ2hsaWdodCIsInNvdXJjZUlkIjowLCJpbmRleCI6MH0=&r=0.9751461784110991
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2374ms
382ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NjMsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWhpZ2hsaWdodCIsInNvdXJjZUlkIjowLCJpbmRleCI6MH0=&r=0.1890753018375375
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2374ms
383ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NzIsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWhpZ2hsaWdodCIsInNvdXJjZUlkIjowLCJpbmRleCI6MX0=&r=0.6984614706783043
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2375ms
384ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NTcsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWhpZ2hsaWdodCIsInNvdXJjZUlkIjowLCJpbmRleCI6Mn0=&r=0.5995326171757438
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2375ms
384ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NDcsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWhpZ2hsaWdodCIsInNvdXJjZUlkIjowLCJpbmRleCI6M30=&r=0.34698205599741416
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2373ms
383ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5ODQsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4IjoyfQ==&r=0.11942766571070007
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2374ms
385ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NzksInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4IjozfQ==&r=0.28694332353940677
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2394ms
405ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5MTEsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4Ijo0fQ==&r=0.2774913389845777
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2393ms
403ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5ODIsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4Ijo1fQ==&r=0.25467590210386626
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2393ms
404ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NjAsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4Ijo2fQ==&r=0.49033254186668707
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2393ms
405ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NTksInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4Ijo3fQ==&r=0.19129860973943513
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2394ms
407ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY3NDcsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLW1lZGlhIiwic291cmNlSWQiOjAsImluZGV4IjowfQ==&r=0.4151411239145806
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 2393ms
406ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY4MjAsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLW1lZGlhIiwic291cmNlSWQiOjAsImluZGV4IjoxfQ==&r=0.6775439939481982
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:58 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 46ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?_=1667956435985

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rgk0zoKVehWA3wQjSnXIuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rgk0zoKVehWA3wQjSnXIuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 09 Nov 2022 01:13:56 GMT

POST
H3 200 log Show response
accounts.google.com/gsi/ 0
23 B 41ms
23ms XHR
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/log?client_id=133842327982-0e9r79923bbimkk4drb2t65tafk6n8bp.apps.googleusercontent.com&as=Mpw5okzodCQhoSWjhULowA&event=onetap.card.prompt.browserNotSupported

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?_=1667956435985

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-xJnle46-xBQH2hCs8NghsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-xJnle46-xBQH2hCs8NghsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://plo.vn
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame CEF3 279 B
243 B 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QusOzUJEj2HVYgmawONobw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 189
x-fb-rlafr: 0
x-fb-debug: f6ER2m4IqvaWh761NbUz1wVajujnpL06xZC0G5G7vUOxwPEgi6EmNTox0Vx/qaX7TAivlxqvU/ELjCb2TLFTCA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 03 Nov 2023 16:03:44 GMT

GET
H3 200 /
www.facebook.com/login/ Frame CEF3 0
0 75ms
74ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fphapluattp.vn%252F%253Ffref%253Dts%26tabs%3Dtimeline%26width%3D300%26height%3D332%26small_header%3Dtrue%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D1583514341961894

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fphapluattp.vn%2F%3Ffref%3Dts&tabs=timeline&width=300&height=332&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1583514341961894
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Nov 2022 01:13:56 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: rY1mTKSDoSfCNNmkV2q+PywwMEpc34Dyv+efA8gt9Vmb+0oAkRhYNVTatM1aHILJlrWRPV6nFv04qcmiWutftA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 46ms
9ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:56:45 GMT
content-encoding: gzip
age: 2233031
x-guploader-uploadid: ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 14 Oct 2023 04:56:45 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 54ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 01:13:56 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
903 B 531ms
172ms Script
application/javascript 35.164.244.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.244.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-244-115.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:57 GMT
cache-control: public, max-age=86400
last-modified: Tue, 8 Nov 2022 22:17:08 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 50ms
19ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
x-amz-request-id: VD6XB4MBHFJKJ9DH
age: 2766
etag: W/"52bb09fbb0a7c9360d68135b7668a1d7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7672b0511f879191-FRA
x-amz-id-2: a05TOcWOnJKrOsbJzgI4ouelLEAs/jW7tt5UEs3lfB6eB8+M9ZBIxELZdCS20TkaNbFYH4Y+BAg=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 31 KB
10 KB 38ms
7ms Script
text/javascript 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 02:05:47 GMT
content-encoding: gzip
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 16:32:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 83290
x-amz-server-side-encryption: AES256
etag: W/"a576cab5f14785e90bbbb12b6ee95a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: RVorPVqapoLmTV3-56-qPma7epN09Bg6kQV9_05u79x0QqqsYYjhkA==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 328ms
101ms Script
application/javascript 18.190.138.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.138.48 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-138-48.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H3 200 container.html Show response
82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 598A 6 KB
3 KB 26ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 01:13:56 GMT
expires: Thu, 09 Nov 2023 01:13:56 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 za.js Show response
za.zdn.vn/v3/ 20 KB
8 KB 733ms
206ms Script
application/javascript 120.138.69.5
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://za.zdn.vn/v3/za.js?19305
Requested by: Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 120.138.69.5 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS: ptr.vng.vn
Software: nginx /
Resource Hash: 283c6e49992d2a00cc6e9eb88668b65be994b1c6e907dc561854869c21fa8251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:57 GMT
content-encoding: gzip
last-modified: Mon, 10 Jan 2022 09:12:24 GMT
server: nginx
age: 3170
etag: W/"61dbf878-4f41"
content-type: application/javascript
access-control-allow-origin: *
content-length: 7910

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 598A 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ckqlg1P5qY_zJGIzU3gOmi5HgA56hoa5cofno_p8DwI23ARABIABglaqUgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBPIBT9DqRTHtG0pU8hAhfvY_9BxsvO5lEL_1VzriJRsDH6gfRw91drLlg3L5UxkCvlv69VN3FFBbf5AYKQEtZ5IiHsn_whqVAer-X1GqP3fp2mjd_6iOeAIg5ndtDT6yCK0-3DQrwWyR5S3L0qtwwM79vh5qS_TJeVjTO2ndPL_5Cx2nqkHOjJ7jXdfZrN98h49HCf9H_1pC5qmEcOmX0pI3bFtjkRBePND7AF5xLYsZF6btZo9vi3oVzJfbBj8X0vOXNm7ONFiJhoqEc5bgwVTReEpWZh8B6j4OFWPjaTlVm3tQ9O8EEQGNf8PYc3VmBSgzKEDgBAGABu_iuuj1mOecUKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTYwMDU2NjYwNDMxODc0MDOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=pgNfx1LGbFg&uach_m=[UACH]&cid=CAQSPADq26N9qXkqmeDtMtV_ODNu-W7ixUfKpSwXG8Po-bKZzZVmoFVYgwVaHPbcCsLsm-_d6NnGy1GqM7v6ZxgBIBM
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

GET
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 0136 88 KB
33 KB 101ms
98ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a01:4a0:2b::&output=html&unviewed_position_start=1&url=https://plo.vn&sub_client=bidder-341462&aceid=MKwatAAuHLQARVs0AQ14NAFKejQBj300ATZ-NAHXfzQB7H80AUWANAFLgDQBcIA0AXeANAF5gDQBo4A0AbGANAHCgDQB0IA0AdWANAHWgDQB14A0Ad2ANAHegDQB44A0AeeANAHogDQB6YA0Ae2ANAHugDQB8YA0AfKANAH2gDQB-4A0AQWBNAEOgTQBD4E0ARSBNAEZgTQBGoE0AR-BNAEggTQBS3NBAVNzQQEo-YgCJ0KqAihCqgIpQqoCD1aqAv54qgJxj6oCgJuqAoGbqgKCm6oCoqiqAlW6qgLb1qoCoOWqAuflqgI46aoCXemqAmz4qgIm-6oCQvuqAnf8qgIeBqsCZAerAjkKqwLeC6sC5wurAkgMqwLiDasCuxCrAs4XqwJjHKsCfRyrAvYfqwJdIasCDCOrAh4jqwJuI6sCDSarAt8mqwIrKKsCVCirArEoqwLqKKsCWimrAngqqwL7K6sC_iyrAiAuqwLkLqsC-C6rAmYvqwJvL6sC6y-rAqAwqwIXMqsCXzKrAmAyqwJ8MqsCKTOrArMzqwKcNKsClDWrArg1qwLiNqsCojirApc5qwKsOasCODqrAr07qwINPKsCEzyrAnc8qwKMPKsCjzyrApE8qwK0PKsCqD2rAus-qwIvP6sCST-rAk4_qwKdP6sCh0CrAjdBqwI9QasCWEGrAqFBqwLaQasC80GrAjhDqwI_7QUDmjr6A_V0JARkN2EEVLLFBclYEwoD558Lz5P7EhXI-xKYzfsSlPb7EvwA_BKKAfwSNgL8ErYC_BLbAvwSpQT8EugE_BKSBfwSjwb8EsIH_BLPB_wSsPUDFfdWaxpqy7UuRxsHag&awbid_c=AKAmf-BxbvKhy894D_NGioRU_g1O80JZumQP7p0m6UneKWcBwoQ5Z9srhvLVhqyXHfjvs3GZQc07oB9OAUjkNQ1Bq9MXFcoUpaHGBZYyT2RiS5Mug35yVOh48hBuulj87R37iKujctZfHwj7CjvyesFebQpj13S6vMKgcX6-AtFFWn42HXoLOwqjimqh-S3DNgsuWcMgsRE9&awbid_d=AKAmf-AN3oTflBuJUJIXgdW3rJKfyHMmg08xUtjMhnOgDHX2B2fuiVy9cDidUHtmINkkKhbzILf2y2_3nu0OM_DSiTEZnlqdOxaQ7IYaG825xG2V2oPf6jO8q-UU1yzCCaZzFFSklah7hLvqg-puJheMDG10OFM-n_2JByk6Nav71EmGvmS6BT_6fDq4ADkuFKnIJl-C65rTbvJA9PXm7VsciMNvJq7cEyr2Bs6Tz_AuUOZLbk5Ah0CzuLuEcA3EXQqxHRqnpBneENGTuNVY93oe8I7QAZ2_uEqGltGK4NrA4FQrLp-P8qKP6s8xSE8ShPu4gob7kSyjW8hfWVXRFi3h7347ohhe9CptROiUuyDq-_BYi3OVWIYGsKWkgFx11AUGX5UTQYILxNvm0FKKw6i_K_QBYq_aPQtBaRJsQFDfD-rjALSUgicnFYA1WC2T5WFewFN9ViAvGAM860h8q65Q2uhMLPkk3o8OwfeMSjiFpnjCInFCMXjuUtRkOvA3GUjgxMoF54J0FtSGuefHjtvTl42f7LWiRM7IYnYmP3Mz2dafbdcXHgjV7UdjetEQi_VTOddiRZlsLnT9BiIqIadhbTQz_aBfMQRGFWxT2wLePLwQvMh5mCs2gTT5C223P3Y0szsmFpf5dk7wIPnmsYAvMI5DmsFeEXHveWTrnYGk3MXbKTJV9PEFyusWUG6XqLQKwcjm6uZ6DS37hYvhE6NXr07LNdxGFdCfq0fIwgCa0AdK1O9ejXtj2m5-Qs1GWEg-aMwGLDEPXsh6Eefap12goZsPZU7KzoUDJIsBk3SpRNshTQ2TymeftU-riRdA2-T4som3zwKYWwH_26dClZu_RPg6lSDLD0kzkImswVhFV5P7PUfvUyVjadKeZybXZsxmfjR2HSW7&cid=CAASBORoZVQ&exk=458091768&rfl=https%3A%2F%2Fplo.vn%2F&a_pr=13:Y2r-1AAAAAD6Pgxgy1lSFy3CXgpAsHVq0FRQPw

Requested by

Host: plo.vn
URL: https://plo.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7bf4f54eec81265709736aa5732a3d97e65d0c46558b6add2ece0a6b5e1a7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 33909
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 01:13:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 598A 7 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 00:30:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2611
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3003
x-xss-protection: 0
server: cafe
etag: 2660866305706646737
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 01:30:25 GMT

GET
H/1.1 200
OK v1
a5212.casalemedia.com/impression/ Frame 598A 43 B
303 B 43ms
8ms Image
image/gif 85.91.45.126
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5212.casalemedia.com/impression/v1?bidID=c3e8750e-8ebd-47ab-988f-cfacf09832f1&traceID=cdlftl7vpan80lslqd3g&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1667957036&ap=Y2r-1AAGJPwKd6oMAARFpil6KqmVi2tEX4p9AA&siteID=341462&creativeID=c94e6d&pubID=189149&format=banner&channel=site
Requested by: Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.91.45.126 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Nov 2022 01:13:56 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 598A 0
20 B 46ms
44ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-CbzixPGZVSgDoJ2_OPmdDBNY1LAD4Wt5i1k3DeJ30So6CftFlvPg8nJzV4fSGhHgN-HDfjGj6aofjdX6HKs-6LF-FpJw&pr=13:Y2r-1AAAAACc28m6EOn2SK39I4iGS2z_06umIQ

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 598A 3 KB
1 KB 44ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus.js

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cd4d90997d3194d84d1003fa9395353f67c41cad99e204ef7cdc17b545267fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 17:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1275
x-xss-protection: 0
server: cafe
etag: 12501696664385849995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Nov 2022 17:34:06 GMT

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 598A 26 KB
10 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection.js

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab28d3e4f137101e0d446bc8fff2eb89c6acc2634b7c88d0c6dfbb5f1e4ab62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 14:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9986
x-xss-protection: 0
server: cafe
etag: 14206481254171068379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Nov 2022 14:27:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 598A 0
0 42ms
21ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTblk7WIuJqKE5FRrySBG3Jmh1RRAXtPfTtrPmEdsBcmtXqijoPFywgqENiAT2Sq4rmxzPIviv9N8nde7Xd5pkifv-jxg
Requested by: Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 598A 24 KB
8 KB 40ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 598A 154 KB
48 KB 60ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667824238049716"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 01:13:56 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
328 B 100ms
31ms XHR
application/json 3.248.126.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.126.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-126-7.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ddd7611b6f7a9db15436891cdcb1c8c4fffb9b10a8399a47542a5a8386465283

Request headers

Referer: https://plo.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://plo.vn
cache-control: no-cache
x-server: 10.45.2.155
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fplo.vn%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fplo.vn%2F&rid=esp&cc=1

85 B
103 B

136ms
120ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fplo.vn%2F&rid=esp&cc=1
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H3
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e0be519914da416fb8d4589c687215e9a77c200e51680c6edb30f67144aa66f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Tl67Y0w7jSqfJ3ZMByE0or9R6Cc"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://plo.vn
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 09 Nov 2022 01:13:56 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://plo.vn
location: /esp?url=https%3A%2F%2Fplo.vn%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
315 B 35ms
9ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://plo.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5848 2 KB
1 KB 89ms
19ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=plo.vn

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de4074357122f6dcee51fb5b3b39d3ad99a460316bd2f9f0a477faf0c1bc3135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 01:13:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 849776
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8913
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

2 KB
1 KB

49ms
37ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by: Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412f813e42b962207e03410681458008b60f33c89525b93ca118af32522785bf

Request headers

Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7672b051df9568ec-FRA
content-encoding: br
content-type: text/html
date: Wed, 09 Nov 2022 01:13:56 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4GK3KjpLzIqkbpJEdZmd2X5EDlWP3jnMCKPDiAehTNl75FV3Ev8hKppydPdGip5bOwJtZe9B%2B730Qld1WznwDC%2BhFXSWgjgRWb44moh38XJTZt3L%2FlmP1iJpjuse8AB4ah5hwjaBtiLig%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7672b0519a3c9a41-FRA
content-length: 0
date: Wed, 09 Nov 2022 01:13:56 GMT
expires: 0
location: /usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMTcPXGpFhELUHrkybXGJHk66aODNbi6WU51hmnAWuMUq99Sqmjm44TyPm6K%2BtRWCG8l6RO1W12QTkfAJCZElykfvuPgI4QOz6IWsH3DqEBUg019BPlazKOrkf5gWn0sKc%2BOdr99CZjCHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7617 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 13:12:47 GMT
etag: 48472445140208031
expires: Wed, 09 Nov 2022 13:12:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7617
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEdp8rArFBA--ObrTvvOwLg&google_cver=1&google_push=ASkJ3FZj0WjlIhWWl9IDXqqkaAYrClcoATPQ86XSBPewWZvL6pmejVxSVlznK6Zd4jI475GiTh6Z89nPw1KyStsN9_JkXwF7D7BQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9F3816E9D783436C84BD9BBAB694995D&google_push=ASkJ3FZj0WjlIhWWl9IDXqqkaAYrClcoATPQ86XSBPewWZvL6pmejVxSVlznK6Zd4jI475GiTh6Z89nPw1KySts...

170 B
188 B

43ms
37ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9F3816E9D783436C84BD9BBAB694995D&google_push=ASkJ3FZj0WjlIhWWl9IDXqqkaAYrClcoATPQ86XSBPewWZvL6pmejVxSVlznK6Zd4jI475GiTh6Z89nPw1KyStsN9_JkXwF7D7BQ

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Nov 2022 01:13:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9F3816E9D783436C84BD9BBAB694995D&google_push=ASkJ3FZj0WjlIhWWl9IDXqqkaAYrClcoATPQ86XSBPewWZvL6pmejVxSVlznK6Zd4jI475GiTh6Z89nPw1KyStsN9_JkXwF7D7BQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 08 Nov 2022 01:13:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7617
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO62gQPdIRys5PV66yUlwkk&google_cver=1&google_push=ASkJ3Fb77e-EZFwMSYjof3FGAIxZ7m_TTPmAfPC3SPODztsd9DbkzbVrhH_qLm8t1pZzC7j8shuIxbiBLhxzwY...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzgxODM0Mzc4OTQyNjgyOQ%3D%3D&google_push=ASkJ3Fb77e-EZFwMSYjof3FGAIxZ7m_TTPmAfPC3SPODztsd9DbkzbVrhH_qLm8t1pZzC7j8shuIxbiBLhxzwY5nkT...

170 B
188 B

43ms
37ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzgxODM0Mzc4OTQyNjgyOQ%3D%3D&google_push=ASkJ3Fb77e-EZFwMSYjof3FGAIxZ7m_TTPmAfPC3SPODztsd9DbkzbVrhH_qLm8t1pZzC7j8shuIxbiBLhxzwY5nkTvm7xsIRdwG

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzgxODM0Mzc4OTQyNjgyOQ%3D%3D&google_push=ASkJ3Fb77e-EZFwMSYjof3FGAIxZ7m_TTPmAfPC3SPODztsd9DbkzbVrhH_qLm8t1pZzC7j8shuIxbiBLhxzwY5nkTvm7xsIRdwG
Date: Wed, 09 Nov 2022 01:13:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7617
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENePNxphI4EG-tvLsoW9aBU&google_cver=1&google_push=ASkJ3FbCVZAnkpthNi4IJCQZebTR4zUs6u2Sq6y4mOg3iC0jQqsAVPF9n6JhSI7DAmAyuUasS6PIDhKjFJlfpkJz...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WcAFgfBxSbW0gsyEQ8xqsg2&google_push=ASkJ3FbCVZAnkpthNi4IJCQZebTR4zUs6u2Sq6y4mOg3iC0jQqsAVPF9n6JhSI7DAmAyuUasS6PIDhKjFJlfpkJzAkzLyEeD9tJb

170 B
188 B

55ms
37ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WcAFgfBxSbW0gsyEQ8xqsg2&google_push=ASkJ3FbCVZAnkpthNi4IJCQZebTR4zUs6u2Sq6y4mOg3iC0jQqsAVPF9n6JhSI7DAmAyuUasS6PIDhKjFJlfpkJzAkzLyEeD9tJb

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Nov 2022 01:13:56 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WcAFgfBxSbW0gsyEQ8xqsg2&google_push=ASkJ3FbCVZAnkpthNi4IJCQZebTR4zUs6u2Sq6y4mOg3iC0jQqsAVPF9n6JhSI7DAmAyuUasS6PIDhKjFJlfpkJzAkzLyEeD9tJb
x-host: tde-deliveryengine-production-5b89f5f57f-bxprx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7617
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC-t8o1lfWZNRQaSB0rev08&google_cver=1&google_push=ASkJ3FYjHIUTZIl0i2hxcmSfvdTphWZNInKGCwFoEyOK-R-HtMhYA8WorQcfDF85wPlbeB_E9BjxMiIyObg3-k5OFnyzUY0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYjHIUTZIl0i2hxcmSfvdTphWZNInKGCwFoEyOK-R-HtMhYA8WorQcfDF85wPlbeB_E9BjxMiIyObg3-k5OFnyzUY0wJdm1&google_hm=Nzg0NTM2OTc3Nzc3NzExMDQw

170 B
188 B

43ms
27ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYjHIUTZIl0i2hxcmSfvdTphWZNInKGCwFoEyOK-R-HtMhYA8WorQcfDF85wPlbeB_E9BjxMiIyObg3-k5OFnyzUY0wJdm1&google_hm=Nzg0NTM2OTc3Nzc3NzExMDQw

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Nov 2022 01:13:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYjHIUTZIl0i2hxcmSfvdTphWZNInKGCwFoEyOK-R-HtMhYA8WorQcfDF85wPlbeB_E9BjxMiIyObg3-k5OFnyzUY0wJdm1&google_hm=Nzg0NTM2OTc3Nzc3NzExMDQw
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7617
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF_uWo6deuKqERFooNgLuKY&google_cver=1&google_push=ASkJ3Fari0yNudQ7pu8tub7M7jSkl20CkEj8EQJeW30Zfy_rNodVkzh4bAuViFPOJ0JCCAnR1M8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4WTczRlQtSC1MMzdE&google_push=ASkJ3Fari0yNudQ7pu8tub7M7jSkl20CkEj8EQJeW30Zfy_rNodVkzh4bAuViFPOJ0JCCAnR1M87IP57gGfa00KH6m3e12amA-g7

170 B
188 B

50ms
34ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4WTczRlQtSC1MMzdE&google_push=ASkJ3Fari0yNudQ7pu8tub7M7jSkl20CkEj8EQJeW30Zfy_rNodVkzh4bAuViFPOJ0JCCAnR1M87IP57gGfa00KH6m3e12amA-g7

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4WTczRlQtSC1MMzdE&google_push=ASkJ3Fari0yNudQ7pu8tub7M7jSkl20CkEj8EQJeW30Zfy_rNodVkzh4bAuViFPOJ0JCCAnR1M87IP57gGfa00KH6m3e12amA-g7
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 7617 0
45 B 151ms
21ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEML5JXdf2rzvuzFh7i4xjR0&google_cver=1&google_push=ASkJ3FaGS17EAAl5HUIV7awdXV3y5Ia06EwCQXyWN7FoAazzue2I4mYp0WrbRT7zQsepYvoHiozRyaHhpb3XFfaOtwLT8ba7GTjH
Requested by: Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 7617
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGuemoYEcSXKZfQ-gQSifAM&google_cver=1&google_p...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3Fa7kKdSobuCSj8furIZWfOOfceaH0jThfI4kXBCa44x5RmHB8HLHMWVkuN1NIbjMxXdJB-5_kuPkaB2Lz1l1Q8EMedF-TvhuA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

33ms
32ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

expires: Wed, 09 Nov 2022 01:13:56 GMT
pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7617 0
232 B 57ms
16ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0qmKoMzjX9MgK1P2y09Y4GxNCd7weHzUhSl-1fbEPorYULU4GT8tn8-94d1jGduhIj3ODcg

Requested by

Host: 82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
URL: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 598A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71eafdf7b6a7dd838a13f9e12c44b03ec72c138f291b723ef8a800c8dda8358

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14516945860906820167
tpc.googlesyndication.com/simgad/ Frame 0136 44 KB
44 KB 45ms
26ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14516945860906820167?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkHgdhTWXwEgyLFIWk338Qmv9kadQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a01:4a0:2b::&output=html&unviewed_position_start=1&url=https://plo.vn&sub_client=bidder-341462&aceid=MKwatAAuHLQARVs0AQ14NAFKejQBj300ATZ-NAHXfzQB7H80AUWANAFLgDQBcIA0AXeANAF5gDQBo4A0AbGANAHCgDQB0IA0AdWANAHWgDQB14A0Ad2ANAHegDQB44A0AeeANAHogDQB6YA0Ae2ANAHugDQB8YA0AfKANAH2gDQB-4A0AQWBNAEOgTQBD4E0ARSBNAEZgTQBGoE0AR-BNAEggTQBS3NBAVNzQQEo-YgCJ0KqAihCqgIpQqoCD1aqAv54qgJxj6oCgJuqAoGbqgKCm6oCoqiqAlW6qgLb1qoCoOWqAuflqgI46aoCXemqAmz4qgIm-6oCQvuqAnf8qgIeBqsCZAerAjkKqwLeC6sC5wurAkgMqwLiDasCuxCrAs4XqwJjHKsCfRyrAvYfqwJdIasCDCOrAh4jqwJuI6sCDSarAt8mqwIrKKsCVCirArEoqwLqKKsCWimrAngqqwL7K6sC_iyrAiAuqwLkLqsC-C6rAmYvqwJvL6sC6y-rAqAwqwIXMqsCXzKrAmAyqwJ8MqsCKTOrArMzqwKcNKsClDWrArg1qwLiNqsCojirApc5qwKsOasCODqrAr07qwINPKsCEzyrAnc8qwKMPKsCjzyrApE8qwK0PKsCqD2rAus-qwIvP6sCST-rAk4_qwKdP6sCh0CrAjdBqwI9QasCWEGrAqFBqwLaQasC80GrAjhDqwI_7QUDmjr6A_V0JARkN2EEVLLFBclYEwoD558Lz5P7EhXI-xKYzfsSlPb7EvwA_BKKAfwSNgL8ErYC_BLbAvwSpQT8EugE_BKSBfwSjwb8EsIH_BLPB_wSsPUDFfdWaxpqy7UuRxsHag&awbid_c=AKAmf-BxbvKhy894D_NGioRU_g1O80JZumQP7p0m6UneKWcBwoQ5Z9srhvLVhqyXHfjvs3GZQc07oB9OAUjkNQ1Bq9MXFcoUpaHGBZYyT2RiS5Mug35yVOh48hBuulj87R37iKujctZfHwj7CjvyesFebQpj13S6vMKgcX6-AtFFWn42HXoLOwqjimqh-S3DNgsuWcMgsRE9&awbid_d=AKAmf-AN3oTflBuJUJIXgdW3rJKfyHMmg08xUtjMhnOgDHX2B2fuiVy9cDidUHtmINkkKhbzILf2y2_3nu0OM_DSiTEZnlqdOxaQ7IYaG825xG2V2oPf6jO8q-UU1yzCCaZzFFSklah7hLvqg-puJheMDG10OFM-n_2JByk6Nav71EmGvmS6BT_6fDq4ADkuFKnIJl-C65rTbvJA9PXm7VsciMNvJq7cEyr2Bs6Tz_AuUOZLbk5Ah0CzuLuEcA3EXQqxHRqnpBneENGTuNVY93oe8I7QAZ2_uEqGltGK4NrA4FQrLp-P8qKP6s8xSE8ShPu4gob7kSyjW8hfWVXRFi3h7347ohhe9CptROiUuyDq-_BYi3OVWIYGsKWkgFx11AUGX5UTQYILxNvm0FKKw6i_K_QBYq_aPQtBaRJsQFDfD-rjALSUgicnFYA1WC2T5WFewFN9ViAvGAM860h8q65Q2uhMLPkk3o8OwfeMSjiFpnjCInFCMXjuUtRkOvA3GUjgxMoF54J0FtSGuefHjtvTl42f7LWiRM7IYnYmP3Mz2dafbdcXHgjV7UdjetEQi_VTOddiRZlsLnT9BiIqIadhbTQz_aBfMQRGFWxT2wLePLwQvMh5mCs2gTT5C223P3Y0szsmFpf5dk7wIPnmsYAvMI5DmsFeEXHveWTrnYGk3MXbKTJV9PEFyusWUG6XqLQKwcjm6uZ6DS37hYvhE6NXr07LNdxGFdCfq0fIwgCa0AdK1O9ejXtj2m5-Qs1GWEg-aMwGLDEPXsh6Eefap12goZsPZU7KzoUDJIsBk3SpRNshTQ2TymeftU-riRdA2-T4som3zwKYWwH_26dClZu_RPg6lSDLD0kzkImswVhFV5P7PUfvUyVjadKeZybXZsxmfjR2HSW7&cid=CAASBORoZVQ&exk=458091768&rfl=https%3A%2F%2Fplo.vn%2F&a_pr=13:Y2r-1AAAAAD6Pgxgy1lSFy3CXgpAsHVq0FRQPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

543544fba4d0f21ecb675ae4bb690b79d6ccf1161899fb93235f56e0c668a9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:40:48 GMT
x-content-type-options: nosniff
age: 477188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45400
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:04:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Nov 2023 12:40:48 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 0136 30 KB
11 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 14:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11393
x-xss-protection: 0
server: cafe
etag: 8974296396314687744
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Nov 2022 14:27:24 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0136 3 KB
1 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cd4d90997d3194d84d1003fa9395353f67c41cad99e204ef7cdc17b545267fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 17:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1275
x-xss-protection: 0
server: cafe
etag: 12501696664385849995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Nov 2022 17:34:06 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0136 26 KB
10 KB 18ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab28d3e4f137101e0d446bc8fff2eb89c6acc2634b7c88d0c6dfbb5f1e4ab62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 14:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9986
x-xss-protection: 0
server: cafe
etag: 14206481254171068379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Nov 2022 14:27:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0136 0
0 28ms
25ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6Y-LgKGr9svnc4Szhl1ho_t47VkEmfppQ-IHzSGo_yvfxyeOYxAfNmU1CZq3HQC3iWlKgyPryHB0so7suGZNteOEpgA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a01:4a0:2b::&output=html&unviewed_position_start=1&url=https://plo.vn&sub_client=bidder-341462&aceid=MKwatAAuHLQARVs0AQ14NAFKejQBj300ATZ-NAHXfzQB7H80AUWANAFLgDQBcIA0AXeANAF5gDQBo4A0AbGANAHCgDQB0IA0AdWANAHWgDQB14A0Ad2ANAHegDQB44A0AeeANAHogDQB6YA0Ae2ANAHugDQB8YA0AfKANAH2gDQB-4A0AQWBNAEOgTQBD4E0ARSBNAEZgTQBGoE0AR-BNAEggTQBS3NBAVNzQQEo-YgCJ0KqAihCqgIpQqoCD1aqAv54qgJxj6oCgJuqAoGbqgKCm6oCoqiqAlW6qgLb1qoCoOWqAuflqgI46aoCXemqAmz4qgIm-6oCQvuqAnf8qgIeBqsCZAerAjkKqwLeC6sC5wurAkgMqwLiDasCuxCrAs4XqwJjHKsCfRyrAvYfqwJdIasCDCOrAh4jqwJuI6sCDSarAt8mqwIrKKsCVCirArEoqwLqKKsCWimrAngqqwL7K6sC_iyrAiAuqwLkLqsC-C6rAmYvqwJvL6sC6y-rAqAwqwIXMqsCXzKrAmAyqwJ8MqsCKTOrArMzqwKcNKsClDWrArg1qwLiNqsCojirApc5qwKsOasCODqrAr07qwINPKsCEzyrAnc8qwKMPKsCjzyrApE8qwK0PKsCqD2rAus-qwIvP6sCST-rAk4_qwKdP6sCh0CrAjdBqwI9QasCWEGrAqFBqwLaQasC80GrAjhDqwI_7QUDmjr6A_V0JARkN2EEVLLFBclYEwoD558Lz5P7EhXI-xKYzfsSlPb7EvwA_BKKAfwSNgL8ErYC_BLbAvwSpQT8EugE_BKSBfwSjwb8EsIH_BLPB_wSsPUDFfdWaxpqy7UuRxsHag&awbid_c=AKAmf-BxbvKhy894D_NGioRU_g1O80JZumQP7p0m6UneKWcBwoQ5Z9srhvLVhqyXHfjvs3GZQc07oB9OAUjkNQ1Bq9MXFcoUpaHGBZYyT2RiS5Mug35yVOh48hBuulj87R37iKujctZfHwj7CjvyesFebQpj13S6vMKgcX6-AtFFWn42HXoLOwqjimqh-S3DNgsuWcMgsRE9&awbid_d=AKAmf-AN3oTflBuJUJIXgdW3rJKfyHMmg08xUtjMhnOgDHX2B2fuiVy9cDidUHtmINkkKhbzILf2y2_3nu0OM_DSiTEZnlqdOxaQ7IYaG825xG2V2oPf6jO8q-UU1yzCCaZzFFSklah7hLvqg-puJheMDG10OFM-n_2JByk6Nav71EmGvmS6BT_6fDq4ADkuFKnIJl-C65rTbvJA9PXm7VsciMNvJq7cEyr2Bs6Tz_AuUOZLbk5Ah0CzuLuEcA3EXQqxHRqnpBneENGTuNVY93oe8I7QAZ2_uEqGltGK4NrA4FQrLp-P8qKP6s8xSE8ShPu4gob7kSyjW8hfWVXRFi3h7347ohhe9CptROiUuyDq-_BYi3OVWIYGsKWkgFx11AUGX5UTQYILxNvm0FKKw6i_K_QBYq_aPQtBaRJsQFDfD-rjALSUgicnFYA1WC2T5WFewFN9ViAvGAM860h8q65Q2uhMLPkk3o8OwfeMSjiFpnjCInFCMXjuUtRkOvA3GUjgxMoF54J0FtSGuefHjtvTl42f7LWiRM7IYnYmP3Mz2dafbdcXHgjV7UdjetEQi_VTOddiRZlsLnT9BiIqIadhbTQz_aBfMQRGFWxT2wLePLwQvMh5mCs2gTT5C223P3Y0szsmFpf5dk7wIPnmsYAvMI5DmsFeEXHveWTrnYGk3MXbKTJV9PEFyusWUG6XqLQKwcjm6uZ6DS37hYvhE6NXr07LNdxGFdCfq0fIwgCa0AdK1O9ejXtj2m5-Qs1GWEg-aMwGLDEPXsh6Eefap12goZsPZU7KzoUDJIsBk3SpRNshTQ2TymeftU-riRdA2-T4som3zwKYWwH_26dClZu_RPg6lSDLD0kzkImswVhFV5P7PUfvUyVjadKeZybXZsxmfjR2HSW7&cid=CAASBORoZVQ&exk=458091768&rfl=https%3A%2F%2Fplo.vn%2F&a_pr=13:Y2r-1AAAAAD6Pgxgy1lSFy3CXgpAsHVq0FRQPw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0136 154 KB
47 KB 57ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667824238049716"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 01:13:56 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0136 48 KB
18 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de73224ce1835eacc8405d9b93a6a3fb6adba004a3a49fe5ef6e54d00a7e5c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 14:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17898
x-xss-protection: 0
server: cafe
etag: 4633231558630032654
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Nov 2022 14:55:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0136 0
17 B 62ms
60ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqOBr1P5qY_6OHpqrxwL0pobgBcHcuqptytruiPQQv-EeEAEgt-WEIWCVqpSCoAegAYeDv_cDyAECqAMByAPJBKoExQFP0N2o3jDUjNBDx31air2Di5clgEA_r7qCydPPT7swDCuy1O0iw1V_ZJDmFFx6s4RNdCUzgKoSKp32XJGHyq53THVfw4OkFHktFG17qsSDoMo_uDdiMkn5a7dU8rI5V6hCXxiwRcaX1rTa-oOiyhyK3GGuEeCOQbytnZOCvEuyEUxAlihQ8Yjem8zG-Wr3iFKpQy2vI86oFxseLr-EzM65XbYnR7afU8-EM5q3UJc28hHRX4aHt_2eSIOYd2epfzIVaEqOFcAEg5yo6qgEkgUECAQYAZIFBAgFGASgBgKAB6a7_oUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCBEIgOGAEBABGAAyAqoCOgKAQPIIDWJpZGRlci0zNDE0NjKACgTICwHYEw3QFQGAFwGyFwgKBggAEgAYAA&sigh=CjHJvVa9aTQ&uach_m=[UACH]&pr=13:Y2r-1AAAAAD6Pgxgy1lSFy3CXgpAsHVq0FRQPw&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a01:4a0:2b::&output=html&unviewed_position_start=1&url=https://plo.vn&sub_client=bidder-341462&aceid=MKwatAAuHLQARVs0AQ14NAFKejQBj300ATZ-NAHXfzQB7H80AUWANAFLgDQBcIA0AXeANAF5gDQBo4A0AbGANAHCgDQB0IA0AdWANAHWgDQB14A0Ad2ANAHegDQB44A0AeeANAHogDQB6YA0Ae2ANAHugDQB8YA0AfKANAH2gDQB-4A0AQWBNAEOgTQBD4E0ARSBNAEZgTQBGoE0AR-BNAEggTQBS3NBAVNzQQEo-YgCJ0KqAihCqgIpQqoCD1aqAv54qgJxj6oCgJuqAoGbqgKCm6oCoqiqAlW6qgLb1qoCoOWqAuflqgI46aoCXemqAmz4qgIm-6oCQvuqAnf8qgIeBqsCZAerAjkKqwLeC6sC5wurAkgMqwLiDasCuxCrAs4XqwJjHKsCfRyrAvYfqwJdIasCDCOrAh4jqwJuI6sCDSarAt8mqwIrKKsCVCirArEoqwLqKKsCWimrAngqqwL7K6sC_iyrAiAuqwLkLqsC-C6rAmYvqwJvL6sC6y-rAqAwqwIXMqsCXzKrAmAyqwJ8MqsCKTOrArMzqwKcNKsClDWrArg1qwLiNqsCojirApc5qwKsOasCODqrAr07qwINPKsCEzyrAnc8qwKMPKsCjzyrApE8qwK0PKsCqD2rAus-qwIvP6sCST-rAk4_qwKdP6sCh0CrAjdBqwI9QasCWEGrAqFBqwLaQasC80GrAjhDqwI_7QUDmjr6A_V0JARkN2EEVLLFBclYEwoD558Lz5P7EhXI-xKYzfsSlPb7EvwA_BKKAfwSNgL8ErYC_BLbAvwSpQT8EugE_BKSBfwSjwb8EsIH_BLPB_wSsPUDFfdWaxpqy7UuRxsHag&awbid_c=AKAmf-BxbvKhy894D_NGioRU_g1O80JZumQP7p0m6UneKWcBwoQ5Z9srhvLVhqyXHfjvs3GZQc07oB9OAUjkNQ1Bq9MXFcoUpaHGBZYyT2RiS5Mug35yVOh48hBuulj87R37iKujctZfHwj7CjvyesFebQpj13S6vMKgcX6-AtFFWn42HXoLOwqjimqh-S3DNgsuWcMgsRE9&awbid_d=AKAmf-AN3oTflBuJUJIXgdW3rJKfyHMmg08xUtjMhnOgDHX2B2fuiVy9cDidUHtmINkkKhbzILf2y2_3nu0OM_DSiTEZnlqdOxaQ7IYaG825xG2V2oPf6jO8q-UU1yzCCaZzFFSklah7hLvqg-puJheMDG10OFM-n_2JByk6Nav71EmGvmS6BT_6fDq4ADkuFKnIJl-C65rTbvJA9PXm7VsciMNvJq7cEyr2Bs6Tz_AuUOZLbk5Ah0CzuLuEcA3EXQqxHRqnpBneENGTuNVY93oe8I7QAZ2_uEqGltGK4NrA4FQrLp-P8qKP6s8xSE8ShPu4gob7kSyjW8hfWVXRFi3h7347ohhe9CptROiUuyDq-_BYi3OVWIYGsKWkgFx11AUGX5UTQYILxNvm0FKKw6i_K_QBYq_aPQtBaRJsQFDfD-rjALSUgicnFYA1WC2T5WFewFN9ViAvGAM860h8q65Q2uhMLPkk3o8OwfeMSjiFpnjCInFCMXjuUtRkOvA3GUjgxMoF54J0FtSGuefHjtvTl42f7LWiRM7IYnYmP3Mz2dafbdcXHgjV7UdjetEQi_VTOddiRZlsLnT9BiIqIadhbTQz_aBfMQRGFWxT2wLePLwQvMh5mCs2gTT5C223P3Y0szsmFpf5dk7wIPnmsYAvMI5DmsFeEXHveWTrnYGk3MXbKTJV9PEFyusWUG6XqLQKwcjm6uZ6DS37hYvhE6NXr07LNdxGFdCfq0fIwgCa0AdK1O9ejXtj2m5-Qs1GWEg-aMwGLDEPXsh6Eefap12goZsPZU7KzoUDJIsBk3SpRNshTQ2TymeftU-riRdA2-T4som3zwKYWwH_26dClZu_RPg6lSDLD0kzkImswVhFV5P7PUfvUyVjadKeZybXZsxmfjR2HSW7&cid=CAASBORoZVQ&exk=458091768&rfl=https%3A%2F%2Fplo.vn%2F&a_pr=13:Y2r-1AAAAAD6Pgxgy1lSFy3CXgpAsHVq0FRQPw
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 09 Nov 2022 01:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8913
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2r.1P6iWcxtSCeZt6TqpQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBo5BAyyPy1xPwBIiqBZ7KM&google_cver=1&google_hm=2

43 B
766 B

16ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBo5BAyyPy1xPwBIiqBZ7KM&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Nov 2022 01:13:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBo5BAyyPy1xPwBIiqBZ7KM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8913 70 B
265 B 118ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 8913 170 B
188 B 34ms
18ms Image
image/png 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2r-1P6iWcxtSCeZt6TqpQAABIAAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8913
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y2r-1P6iWcxtSCeZt6TqpQAABIAAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y2r-1P6iWcxtSCeZt6TqpQAABIAAAAIB&dcc=t

43 B
568 B

107ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y2r-1P6iWcxtSCeZt6TqpQAABIAAAAIB&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Nov 2022 01:13:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0CS28F4TV717WB373DGD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Nov 2022 01:13:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 99T0S4SCB1WNZGACA5WD
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y2r-1P6iWcxtSCeZt6TqpQAABIAAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 8913 0
0 42ms
7ms Image
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

GET
H2

200

rum
dsum.casalemedia.com/ Frame 8913
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1668042836&gdpr=1

43 B
875 B

66ms
30ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1668042836&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNaS6rX0tnFYyWj1x5rnBqf%2FjtlKABGsigXoKRuWgU9%2F7nM9gmPDqyE%2BBnCPgsOnm%2FKOJyCqU7W6FWP4M1GgFCXAHReqkgRKxzmpZg8h%2Bl0Ogr2n8JNdb7%2Fl2dCI3jJVP72EP6nE"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7672b05328b69150-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1668042836&gdpr=1
pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8913
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=8LChd6Dm8yLr568mpbC6JKe3pifru6ZypeJjlZ4I

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=8LChd6Dm8yLr568mpbC6JKe3pifru6ZypeJjlZ4I
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Nov 2022 01:13:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=8LChd6Dm8yLr568mpbC6JKe3pifru6ZypeJjlZ4I
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bridge
cm.adgrx.com/ Frame 8913 43 B
283 B 116ms
18ms Image
image/gif 72.251.245.181
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:56 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-8
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8913 43 B
352 B 61ms
13ms Image
image/gif 104.18.13.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Y2r-1P6iWcxtSCeZt6TqpQAABIAAAAIB=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:56 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 327
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7672b0528faa9bca-FRA
content-length: 43
expires: Wed, 09 Nov 2022 05:13:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A669 143 B
166 B 18ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a01:4a0:2b::&output=html&unviewed_position_start=1&url=https://plo.vn&sub_client=bidder-341462&aceid=MKwatAAuHLQARVs0AQ14NAFKejQBj300ATZ-NAHXfzQB7H80AUWANAFLgDQBcIA0AXeANAF5gDQBo4A0AbGANAHCgDQB0IA0AdWANAHWgDQB14A0Ad2ANAHegDQB44A0AeeANAHogDQB6YA0Ae2ANAHugDQB8YA0AfKANAH2gDQB-4A0AQWBNAEOgTQBD4E0ARSBNAEZgTQBGoE0AR-BNAEggTQBS3NBAVNzQQEo-YgCJ0KqAihCqgIpQqoCD1aqAv54qgJxj6oCgJuqAoGbqgKCm6oCoqiqAlW6qgLb1qoCoOWqAuflqgI46aoCXemqAmz4qgIm-6oCQvuqAnf8qgIeBqsCZAerAjkKqwLeC6sC5wurAkgMqwLiDasCuxCrAs4XqwJjHKsCfRyrAvYfqwJdIasCDCOrAh4jqwJuI6sCDSarAt8mqwIrKKsCVCirArEoqwLqKKsCWimrAngqqwL7K6sC_iyrAiAuqwLkLqsC-C6rAmYvqwJvL6sC6y-rAqAwqwIXMqsCXzKrAmAyqwJ8MqsCKTOrArMzqwKcNKsClDWrArg1qwLiNqsCojirApc5qwKsOasCODqrAr07qwINPKsCEzyrAnc8qwKMPKsCjzyrApE8qwK0PKsCqD2rAus-qwIvP6sCST-rAk4_qwKdP6sCh0CrAjdBqwI9QasCWEGrAqFBqwLaQasC80GrAjhDqwI_7QUDmjr6A_V0JARkN2EEVLLFBclYEwoD558Lz5P7EhXI-xKYzfsSlPb7EvwA_BKKAfwSNgL8ErYC_BLbAvwSpQT8EugE_BKSBfwSjwb8EsIH_BLPB_wSsPUDFfdWaxpqy7UuRxsHag&awbid_c=AKAmf-BxbvKhy894D_NGioRU_g1O80JZumQP7p0m6UneKWcBwoQ5Z9srhvLVhqyXHfjvs3GZQc07oB9OAUjkNQ1Bq9MXFcoUpaHGBZYyT2RiS5Mug35yVOh48hBuulj87R37iKujctZfHwj7CjvyesFebQpj13S6vMKgcX6-AtFFWn42HXoLOwqjimqh-S3DNgsuWcMgsRE9&awbid_d=AKAmf-AN3oTflBuJUJIXgdW3rJKfyHMmg08xUtjMhnOgDHX2B2fuiVy9cDidUHtmINkkKhbzILf2y2_3nu0OM_DSiTEZnlqdOxaQ7IYaG825xG2V2oPf6jO8q-UU1yzCCaZzFFSklah7hLvqg-puJheMDG10OFM-n_2JByk6Nav71EmGvmS6BT_6fDq4ADkuFKnIJl-C65rTbvJA9PXm7VsciMNvJq7cEyr2Bs6Tz_AuUOZLbk5Ah0CzuLuEcA3EXQqxHRqnpBneENGTuNVY93oe8I7QAZ2_uEqGltGK4NrA4FQrLp-P8qKP6s8xSE8ShPu4gob7kSyjW8hfWVXRFi3h7347ohhe9CptROiUuyDq-_BYi3OVWIYGsKWkgFx11AUGX5UTQYILxNvm0FKKw6i_K_QBYq_aPQtBaRJsQFDfD-rjALSUgicnFYA1WC2T5WFewFN9ViAvGAM860h8q65Q2uhMLPkk3o8OwfeMSjiFpnjCInFCMXjuUtRkOvA3GUjgxMoF54J0FtSGuefHjtvTl42f7LWiRM7IYnYmP3Mz2dafbdcXHgjV7UdjetEQi_VTOddiRZlsLnT9BiIqIadhbTQz_aBfMQRGFWxT2wLePLwQvMh5mCs2gTT5C223P3Y0szsmFpf5dk7wIPnmsYAvMI5DmsFeEXHveWTrnYGk3MXbKTJV9PEFyusWUG6XqLQKwcjm6uZ6DS37hYvhE6NXr07LNdxGFdCfq0fIwgCa0AdK1O9ejXtj2m5-Qs1GWEg-aMwGLDEPXsh6Eefap12goZsPZU7KzoUDJIsBk3SpRNshTQ2TymeftU-riRdA2-T4som3zwKYWwH_26dClZu_RPg6lSDLD0kzkImswVhFV5P7PUfvUyVjadKeZybXZsxmfjR2HSW7&cid=CAASBORoZVQ&exk=458091768&rfl=https%3A%2F%2Fplo.vn%2F&a_pr=13:Y2r-1AAAAAD6Pgxgy1lSFy3CXgpAsHVq0FRQPw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 00:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0136 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cd9bbf83c70d0dfea2e85680cf7cdcf3e81a799a4affcafcbc0504c1afcb90c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A669
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
17ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 01:13:56 GMT
expires: Wed, 09 Nov 2022 01:13:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 01:13:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0558 36 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 18:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 18:09:11 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 17CF 0
176 B 40ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 09 Nov 2022 01:13:57 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 cloudy.png
static-znews.zadn.vn/images/icons/weather/v2/ 3 KB
4 KB 1544ms
325ms Image
image/png 222.255.114.56
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-znews.zadn.vn/images/icons/weather/v2/cloudy.png
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 222.255.114.56 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Universe /
Resource Hash: b72482b1f2645ce47ca010e46d387e85a1c847a981a011e9bbb0b9ab89b71cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:58 GMT
last-modified: Wed, 09 Nov 2022 01:13:58 GMT
server: Universe
age: 49394042
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 3520
expires: Tue, 07 Feb 2023 01:13:58 GMT

GET
H2 200 flurries.png
static-znews.zadn.vn/images/icons/weather/v2/ 4 KB
4 KB 1866ms
647ms Image
image/png 222.255.114.56
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-znews.zadn.vn/images/icons/weather/v2/flurries.png
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 222.255.114.56 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Universe /
Resource Hash: d0243b4ebf399c3017d0ce2420bd3ffa97620966b08e68b2919641add6ec3321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:58 GMT
last-modified: Wed, 09 Nov 2022 01:13:58 GMT
server: Universe
age: 61507508
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 3635
expires: Tue, 07 Feb 2023 01:13:58 GMT

GET
H2 200 sunny.png
static-znews.zadn.vn/images/icons/weather/v2/ 3 KB
3 KB 1867ms
648ms Image
image/png 222.255.114.56
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-znews.zadn.vn/images/icons/weather/v2/sunny.png
Requested by: Host: plo.vn
URL: https://plo.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 222.255.114.56 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Universe /
Resource Hash: bae9ee227e8ec0b3aae87b488a8b7e8f568c75c30c8b87d03a01644a4e5364a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:58 GMT
last-modified: Wed, 09 Nov 2022 01:13:58 GMT
server: Universe
age: 49669079
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 3207
expires: Tue, 07 Feb 2023 01:13:58 GMT

GET
H2 200 fa-solid-900.woff2
static-cms-plo.zadn.vn/v3/web/styles/fonts/webfonts/ 127 KB
127 KB 348ms
348ms Font
woff/x-font 103.39.92.11
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cms-plo.zadn.vn/v3/web/styles/fonts/webfonts/fa-solid-900.woff2
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.11 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca

Request headers

Referer: https://static-cms-plo.zadn.vn/v3/web/styles/css/main.min-1.3.1.css
Origin: https://plo.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:57 GMT
last-modified: Wed, 09 Nov 2022 01:13:57 GMT
server: Universe
age: 33312369
x-cache-status: HIT
content-type: woff/x-font
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 129832
expires: Tue, 07 Feb 2023 01:13:57 GMT

POST
H2 200 t Show response
za.zalo.me/v3/w/ 191 B
616 B 633ms
212ms XHR
application/json 49.213.114.149
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://za.zalo.me/v3/w/t

Requested by

Host: za.zdn.vn
URL: https://za.zdn.vn/v3/za.js?19305

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.149 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

41f46b259c52f2e73bab2862be16a5724937265fee7689bcc61688b8a12a5054

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubdomains;

Request headers

Referer: https://plo.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 01:13:58 GMT
strict-transport-security: max-age=86400; includeSubdomains;
server: za-ngx-srv
content-type: application/json; charset=utf-8
access-control-allow-origin: https://plo.vn
access-control-allow-credentials: true
content-length: 191
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 598A 42 B
64 B 58ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvN5gGc6-uM6uG848YSo2-07X4nJ-Z4lH0hX8Lx3q2hvZFwTG5VtJCklcgQSDir0lBkCPsFCHNAzUKy6QKXvCWxIa37&sig=Cg0ArKJSzEmkSV4a_tDtEAE&cid=CAASF-Rov7z-Z8jg63rl2pjkej-FHkJl9AiR&id=lidar2&mcvt=1000&p=495,1085,745,1385&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2795064920&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667956436631&rpt=155&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0136 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFahevi0M0klnrk0C1jgh-_WlxSdsU0yhfGjwHuucIuWoUckJTGX3rpG1bjdBA1gQi_4d0v1xKy10ZR_vnoW2_GHVcDflu-wIR5_YtgcyITr6HUGqd-YFG05PtgbzMUmfZw9a__g&sig=Cg0ArKJSzNNuZ-setGj3EAE&cid=CAASF-RodZ2Xp_1vBBTqJweWbvUSU2yU-peB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=274594334&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667956436682&rpt=219&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 23ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa8085ffff290b42053a73f33f575787a154edb4b02959bbd924160cb247961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10823
x-xss-protection: 0

GET
H2 200 logofb_XTUG.jpg
photo-cms-plo.epicdn.me/500x300/Uploaded/2022/tiubpwvo/2021_10_13/ 22 KB
22 KB 214ms
213ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/500x300/Uploaded/2022/tiubpwvo/2021_10_13/logofb_XTUG.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 36bb55c39aa844d6ca9436c620d5b89f301ccca99f4e34da361f12d1ff82e752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:59 GMT
last-modified: Wed, 09 Nov 2022 01:13:59 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 22231
expires: Tue, 07 Feb 2023 01:13:59 GMT

GET
H2 200 dsc00887-2355.jpg
photo-cms-plo.epicdn.me/200x120/Uploaded/2022/kjxyqdxwp/2022_11_08/ 10 KB
10 KB 214ms
214ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/200x120/Uploaded/2022/kjxyqdxwp/2022_11_08/dsc00887-2355.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: 1d94bad4bb0222060b1e92208d27e4303495cf5f89c1ac38bf8bb8713c063717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:59 GMT
last-modified: Wed, 09 Nov 2022 01:13:59 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 10585
expires: Tue, 07 Feb 2023 01:13:59 GMT

GET
H2 200 cuong-che1-8708.jpg
photo-cms-plo.epicdn.me/200x120/Uploaded/2022/barutm/2022_11_08/ 11 KB
12 KB 214ms
214ms Image
image/jpeg 103.39.92.121
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cms-plo.epicdn.me/200x120/Uploaded/2022/barutm/2022_11_08/cuong-che1-8708.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.121 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: ad2d6e5318a45e586b090ecb7ae53008c889901d2ecbafa58ffa148ea77686c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:59 GMT
last-modified: Wed, 09 Nov 2022 01:13:59 GMT
server: Universe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 11726
expires: Tue, 07 Feb 2023 01:13:59 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 01:13:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EFE4 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 22:35:38 GMT
expires: Wed, 08 Nov 2023 22:35:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E24 783 B
534 B 19ms
18ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7096626c6eaa8d7a8d4fb41bbba634e004519c7393d3b57b3c86d9d89c3a4ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HCzDvmwS8r51syKor3aw_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://plo.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-HCzDvmwS8r51syKor3aw_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 01:13:59 GMT
expires: Wed, 09 Nov 2022 01:13:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame EFE4 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 18:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 18:09:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E24 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=1018791201672485&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EFE4 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1IDrHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:13:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 357ms
357ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5ODQsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4Ijo4fQ==&r=0.11239928243040342
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:13:59 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=1018791201672485&bg=!np2lndnNAAZPh4lnb4c7ACkAdvg8WvEMI_WAsvGTIXiknrPdKlRjDy3aBS_gH7Sk0iO9_x6ywG3KOQIAAABRUgAAAANoAQcKAM7EdVqfWieFluseObL6VmACu9L3RzJvN8cwippgqCd9Ab96h5KU8DyOHk2B3dSdhptc3feueD9z7mDuGZDVkEl05oNTv6De96EGTdswtpkYbfpWC1IKSD66-XWcgaXasB9Bs7XggKAz0R7Egkhup7KH8VFEkjMVnSoASHKnCII8j3BNlgJjnqU1JOsKqii3oRLys1W6DS0m8b-4MRtVaRjIcSN_IwPEOeJKIw1F7l5ev4YU6p4Nsc8NAShrTpNRIQC3Ej5tcpqr85JiN-iHBJkCjRu5qI2_gbMyHmnry3KsdvZliohs7ZqUbMYYinsQ1hQeSHIHB2UQiET7MRFHZVYdyJrcyw-A8-LESjJ_KMNbEfPA70i1ay63mOuFk-YJb-rXGbyilcnDez9qWwP8WwPJiE_D2pNJLW9CopFi4whivnvz_YIH7Y_7xPnWl_LIDMdes3dXQiuGWDVCFGue7frBRAzXSFSdzPy4NoTEoPaSDRGHe3_FusZm742NQVzkofDzIGEvqUivSnzVvIPYLbfQr2VMvrcmu38DaUDsZ9DAZWwSNiS9oqidJ3Zggg4SrhZZMEVVbZN_7sMpFIWZg5OQb8-UreQfFTJX11Eh2DXZeyf1gQJfzkyBtS0kRfa4dgPZPOwpTcABTUxrgj0e0AkaPh80Fbqx78N2Qs_a90zuACAfsBAwAG_c8ce_mc-1THEVQmL7ZR4Ycs5XWek7AR-wwGv94Ewt1mB5b5kxveplvda4TsIOdexmDfjrKQRZ93ONtefb6F4KOnlo_TTlMugqxQftqChZ13ZRmR_zpxcky4xLI8Sll8RhHAgvCyOq3xWRLfvaj3oO5N3V_XsOJY38t1HrptG1kj6dmZrFwKTy1j3MEY8q-OJS9Ce5aRoynB4uI2ob9oYvl4VfshlTAgdDL5KzZjo5ci9UBNT8-OAXk8GACg9EF7kJweCb5hS38pnAAxcWQ55r-_kvR5OGg1x_dzRC7mXqNV7dgiZuCUfLWoBNPEVMyHstsWrlmuliKc2uQ7TWSf6ZwMdxGV9otiZwZYhq_HaslhFBEhF2VfAsEZ6wTNrCGH-yc1SvlKteXpnS-LUrOklydpPX4rS1p9peCT6KWI3zWLDC3di4bDcc1M8qETBPH4SXxraUvYRH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 31ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LRBCS8D716&gtm=2oeb70&_p=553334027&cid=190760212.1667956436&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667956435&sct=1&seg=0&dl=https%3A%2F%2Fplo.vn%2F&dt=B%C3%A1o%20Ph%C3%A1p%20Lu%E1%BA%ADt%20TP.%20H%E1%BB%93%20Ch%C3%AD%20Minh&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRBCS8D716
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 01:14:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plo.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 215ms
214ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5NzksInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4Ijo5fQ==&r=0.29513514825571074
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:14:02 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 214ms
214ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5MTEsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4IjoxMH0=&r=0.041910346239424356
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:14:06 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

GET
H2 200 imps Show response
log.plo.vn/ 0
44 B 214ms
214ms XHR
application/javascript 58.187.8.9
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.plo.vn/imps?data=eyJwbGF0Zm9ybSI6MSwic2l0ZUlkIjogMCwiY29udGVudElkIjo3MDY5ODIsInBhZ2UiOiJob21lIiwidHlwZSI6ImltcHMiLCJzb3VyY2UiOiJob21lLWZvY3VzIiwic291cmNlSWQiOjAsImluZGV4IjoxMX0=&r=0.7595897907204796
Requested by: Host: static-cms-plo.zadn.vn
URL: https://static-cms-plo.zadn.vn/v3/web/js/analytics.min.js?v=1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.187.8.9 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plo.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/83.0.144 Chrome/77.0.3865.144 Safari/537.36

Response headers

access-control-allow-origin: https://plo.vn
date: Wed, 09 Nov 2022 01:14:09 GMT
access-control-allow-credentials: true
server: Universe
accept-ranges: bytes
content-length: 0
content-type: application/javascript;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%221583514341961894%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fphapluattp.vn%2F%3Ffref%3Dts%22%2C%22width%22%3A300%2C%22height%22%3A332%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fplo.vn%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0SU2swdq0Ho2ewnE3fw6iw4vwbS1Lw4Cw&__csr=&__req=1&__hs=19305.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1006570783&__s=%3A%3Awsgn1g&__hsi=7163818341496661058&__comet_req=0&__sp=1

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
plo.vn/	1970-01-20 07:19:34	Name: cms_timestamp Value: 1667956434477
.plo.vn/	1970-01-20 16:55:16	Name: _ga_LRBCS8D716 Value: GS1.1.1667956435.1.0.1667956435.0.0.0
.plo.vn/	1970-01-20 16:55:16	Name: _ga Value: GA1.2.190760212.1667956436
.plo.vn/	1970-01-20 07:20:42	Name: _gid Value: GA1.2.851549380.1667956436
.plo.vn/	1970-01-20 07:19:16	Name: _gat Value: 1
.plo.vn/	1970-01-20 16:40:52	Name: __gpi Value: UID=00000b7eb05db9e7:T=1667956436:RT=1667956436:S=ALNI_MZoj7DN8f7kbh8CypC1aN1knjo21A
.doubleclick.net/	1970-01-20 16:40:52	Name: IDE Value: AHWqTUnGs-BcJ68UO2AZzn4xcy5eWg5-YVMybOQwGKZ-juSzqNisyjXObXp2T0aL5Do
.plo.vn/	1970-01-20 16:40:52	Name: __gads Value: ID=98241bf6e6adaa8e:T=1667956436:S=ALNI_MZG0r1LaTyHGNOvt4VM04B37wKo6g
.casalemedia.com/	1970-01-20 16:04:52	Name: CMID Value: Y2r.1P6iWcxtSCeZt6TqpQAA
.casalemedia.com/	1970-01-20 09:28:52	Name: CMPS Value: 1152
.casalemedia.com/	1970-01-20 09:28:52	Name: CMPRO Value: 1152
.travelaudience.com/	1970-01-20 16:48:04	Name: _tracker Value: %7B%22UUID%22%3A%2259C00581-F071-49B5-B482-CC8443CC6AB2%22%7D
.simpli.fi/	1970-01-20 16:06:18	Name: suid Value: 9F3816E9D783436C84BD9BBAB694995D
.adfarm1.adition.com/	1970-01-20 09:28:52	Name: UserID1 Value: 7163818343789426829
.criteo.com/	1970-01-20 16:40:52	Name: uid Value: 22d1494d-e070-48b2-9125-bb3b37e4868c
.yahoo.com/	1970-01-20 16:05:14	Name: A3 Value: d=AQABBNT-amMCEO_HkCkmMhUZkVrCw_n0EXUFEgEBAQFQbGN0YwAAAAAA_eMAAA&S=AQAAAsQF7BZ31P6dSS3zYB9gAFY
.openx.net/	1970-01-20 16:04:52	Name: i Value: ab213e77-18a8-45c3-a2b1-6b19b802c401\|1667956436
.quantserve.com/	1970-01-20 09:28:52	Name: d Value: EBgBDQHEJ7jvsQA
.quantserve.com/	1970-01-20 16:49:30	Name: mc Value: 636afed4-d80c3-2a411-81dca
.quantserve.com/	1970-01-20 16:49:30	Name: cref Value: 1
.doubleclick.net/	1970-01-20 07:19:20	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 09:28:52	Name: CMTS Value: 5175
.zalo.me/	1970-01-20 16:55:16	Name: __zi Value: 2000.UeRXhfWF680ztAcbaG8QZZpSuwEU3L66FzpWgPCBN8m.1
.plo.vn/	1970-01-20 16:55:16	Name: __zi Value: 2000.SSZzejyD2D8anFkWaWzSp6hAu-BE7LRIU8ZnzDmI2DfvmRd_rHyAr7Z1y_dQ447SUy7myzSMJDO.1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://plo.vn/ads?object_type=2&object_id=0(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lamthong.net/plo-ads-text-link/text-link.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://plo.vn/ads?object_type=2&object_id=0(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lamthong.net/plo-ads-text-link/text-link.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

82ec45c29cfea15b195c3ae41a94bed4.safeframe.googlesyndication.com
a5212.casalemedia.com
accounts.google.com
ad.vietbao.vn
ads.travelaudience.com
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
casale-match.dotomi.com
cdn.adbro.me
cdn.id5-sync.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id.sharedid.org
id5-sync.com
js-sec.indexww.com
lamthong.net
log.plo.vn
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
photo-cms-plo.epicdn.me
pixel.rubiconproject.com
plo.vn
pr-bh.ybp.yahoo.com
prod.uidapi.com
region1.google-analytics.com
s.amazon-adsystem.com
scontent-frx5-1.xx.fbcdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
service.baomoi.com
sp.zalo.me
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-cms-plo.zadn.vn
static-znews.zadn.vn
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.teads.tv
tag.adbro.me
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
za.zalo.me
za.zdn.vn
www.facebook.com
103.39.92.11
103.39.92.121
104.18.13.76
104.18.19.126
118.102.1.120
118.107.68.21
120.138.69.5
15.197.193.217
162.19.138.118
18.190.138.48
18.66.97.88
185.80.39.216
185.86.139.104
2001:4860:4802:32::36
216.58.212.162
222.255.114.56
23.35.237.56
2606:4700:10::6816:31fd
2606:4700:10::ac43:266a
2606:4700:3034::ac43:b35d
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::200d
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:2eda:8ed6:2a73:2027
3.248.126.7
34.102.146.192
34.120.135.53
34.91.62.186
35.164.244.115
35.190.0.66
35.244.159.8
37.252.171.84
42.119.138.3
42.119.138.4
49.213.114.132
49.213.114.149
52.46.151.131
58.187.8.9
69.173.144.139
72.251.245.181
85.114.159.118
85.91.45.126
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02262a4db41927336604e65fe2616cd891caed73b7225c1993005b616191de5e
0374f3fe6e40e582b903e3bddda916b72f1443db55e064b85a1f1133ad3464a8
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
0a1b0b6c66c8084f6e540dd5815a03328f60998722e0e4746f7adc745b2a1ebd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca
0d48602f9e7233ce605d34c391ec86a2621f984240f2bac446ec74f21e1c21db
130bbd202ee48cf203f1df0aafcc77f595582b602bca45dbebd995c494b8d235
141f7cfa2576b32a973e9b0cbc41b1ee209e2c6239187192a233d1bc6428754e
15a4594f39269de6c199e97983676ed8454df2e6c1993bda495bab182b425fcc
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
191ec7ee596a341b70d131a88f99ed428c69240f95592d0fa24bbb6a2ad5df14
1ad5e29f418f9b90633a32e4010db0cd4d96d628ce221e82fcb405cc5ef75941
1c1271f22186320e080f0246fdc22aac3bc86ca864020f4c9b276595f617ef40
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d94bad4bb0222060b1e92208d27e4303495cf5f89c1ac38bf8bb8713c063717
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
242a46fdc8b745c03c13f88a0af40ef698ca0f3e76abe4a0c0b723dcd41fb07b
26611e4f579c7c6d9bd06c96e10d7780c5da29037b9ac1571a4b953f27b5fd31
27197bc78f713559d09be70f7c08c0554479827fda911b3ceb0100f363408edb
283c6e49992d2a00cc6e9eb88668b65be994b1c6e907dc561854869c21fa8251
29cb46aa7e5b570fbffc16785a4ee48a69628958f516099c054937f0b0232d7a
2a2e9346be0cc64818d83a599ecf2aae5879529aee3588db66bd71f758ec1539
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2c78ff3850e52955ecebd7eb0719ce993c805ef1c60aff68fb3a2e7a1cb217dc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3208e822b36b43e19f1fa7511ff577ef39a3b538bbecbf72b692062a2435c8ea
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ef4a5b240ee0499db963bf021ea260a035db0a7bca533f08c4d1c72f27f990
3685b6b1c0b6bfe474653625f3b66e47a7fbf5be3436e13e9059f90fab7fb699
36bb55c39aa844d6ca9436c620d5b89f301ccca99f4e34da361f12d1ff82e752
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3cc0172cea6b1e559341d15496ac37b50187a8f78732245c9e5eafab45e9388c
3f899da194038dcec12f8f8c7a988bee7674734e73381071e0a5c8966e55aebb
400a2c0ad45dc7bb4739f9888e8735f473e0dc3cbd3e8a721a55384666555689
412f813e42b962207e03410681458008b60f33c89525b93ca118af32522785bf
4168a2c525379d43f6f3cbbddae374bdc37d37b574d25686a35f59217ff23dfb
41f46b259c52f2e73bab2862be16a5724937265fee7689bcc61688b8a12a5054
41fe4c106f71de7b1c03731fb52d2ea632037c32c00f9c792c1827cd506c92c3
426469345a2bfdeedeab9cc9cffd0bfb8ed70bf190a054310b78b3202f58a3e4
44f2a78da269d911d91a070b1bbadbf9fcc73ace74fac2ab9576aa4b7e5db139
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
461189520515f66d47ef4cf55e7b1b6eeeb50c209e2617f86fd1733ed169d7bb
46738425fafc7042b59a42c48257b639a122d749dfc9c9e82e8d79acf5d4f1e0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46bb0ac0f149c7ff79caf4d68734fa5fd5f73ea15a3561c88c7bf6ebc41e7bbf
46deb0623af013caf381468bd57b38a1535d4822f9cc5bcdedccd1101d1b8d98
4aacca831b83a96f72fa732f558a165cec229e6e239f5f7916368096542a5203
4cd4d90997d3194d84d1003fa9395353f67c41cad99e204ef7cdc17b545267fa
4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444
50300fe1323a1df90d71d6469548d25ef180a9040f2b06290b00614251c2c236
511bb2e3d878baab516a36f721819aa1c99a0e7ca1ffdaad02aaefdffbf87445
543544fba4d0f21ecb675ae4bb690b79d6ccf1161899fb93235f56e0c668a9d8
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f5d35dd901cf370a61e3f4c742e8d6557d8ccbf9f625b2d3f9cf02eb437c96
5e824867389e54de7dc9a3c5a8086f4fbd7d7d8598ab42f081d9a08423fb4f8d
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
60a562c712c085e30428843d0c0fa06b27eaa66b08d0a85d87b85be35bf86b5a
60b62ddffe030af02554bb5ee400e37c03f997e4c4835d3c26d3a9587fbf0da3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
66f72463bd52ae268a9f43c365db5eb74532ac27e254abcb780c3e12a40e82a8
69e3d3e5b711f872238cf2f3b04df1eddb9f5430656080c19d5d8b8292017b94
6b6550b2f9fea7e304ba67d5eb389e2c58e9995148ca4045316dfac53bb3b3c1
71a90c5ef1ee46ece2287dc6ac982c3a179ebca258777c19246f6289bab0511c
75e1288eafccec8fc086d1e37b792630fc9d957f21ff8dd3b252e806148e47d7
771abd1add79f1f2fd45efbd6dd1d701d34cb084d3aa9d0c5ad995b5eee52e08
783a1d660f81daddf7e3e8bc45d3282db7530043d6c73308dc7820579a8ff0b6
78b37c3280b5bec564df512700bdbf46521f69ed77e54d7c05c5b2332cc5da84
79a5ceca1bf60ca91ea20aeae9f5feafa095caf6eb166ec64d9a19b332c01435
7b4640e152dbb51406fa94da8fe5738fc94366101b505f6f372aebf9510039be
7cd9bbf83c70d0dfea2e85680cf7cdcf3e81a799a4affcafcbc0504c1afcb90c
7ec7000aace2b3ee19e7d17ad2c8a9a7048ad229e720b2cffcb170ec0a8395f2
82d59d4a67f05087d33fcdd3840c7dcca55001e982da11856c3060d6ae68ebd0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa8085ffff290b42053a73f33f575787a154edb4b02959bbd924160cb247961
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9099f8317b15d14ca7249548938140253564acd4952f12d731fdae462431a5ca
90b2fd3c547ae634192953c8b82fa5c93eaf956e03afb06e340e3c51c7cdb72b
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
91a408b712315c33bf225c02e50887bb8cee29fe1de1f51a36812bab3e3f6c7b
939ace9629a53d60de167ee6e0b9102175034a862021ed00c2b6febc93cc13d1
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9778d9bc81a3011b90d6e45944df383a02e112c1c2a31bd88626aa22fe657e88
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
a27722f4eb19bdf232ac33824c088d200b64988a5dabf56475d89681cb70ec66
a3c4214dfb9c716ae93172dd0b5cd594e9026c5de396dc8767525520021932bc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6a415d4ac9990d32cac3107c7b4322156955f658913c4755fba324bcafcb516
ab28d3e4f137101e0d446bc8fff2eb89c6acc2634b7c88d0c6dfbb5f1e4ab62c
ab833b47fa1778ca94f2b4707d533e159c19509af1f5626920ee3ddc139f8c6a
aca4a5d60d530d119d41a49ae2c5aae46e0009fa93a4ee961e9e334744594a01
ad2d6e5318a45e586b090ecb7ae53008c889901d2ecbafa58ffa148ea77686c4
ad758f865e95e1b7a629639ddd2bf951d24fb81904550047ba769182afe2c27c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af51634dd92a135b5233227f736f0674900a72c4222a9f901b6f3a58f19c38f1
afa3c99acd2d860dd8b8d1e3f0eedccba616050b362fd4edeaa051d152e51fa8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31df36a41395cd616e0d1c6230fc2bfff9546e039ce51f7dbe2feb96c29f251
b39a106e9535a62335ef4f368939590cb494b1b758e3b8995d38dd2c97391932
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4929317f257459f37698da16005c69abc0f5d8e282aef5436ac36de42c6154f
b59f1545c956749f310db159a3b9443b11b50184d03b36c268734d886336e01d
b71eafdf7b6a7dd838a13f9e12c44b03ec72c138f291b723ef8a800c8dda8358
b72482b1f2645ce47ca010e46d387e85a1c847a981a011e9bbb0b9ab89b71cf8
b748cca0969a746acf4ef67beb755467ce57f5356e79459b90213a493d4e8d9d
bae9ee227e8ec0b3aae87b488a8b7e8f568c75c30c8b87d03a01644a4e5364a5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c027ebd1c4192b5327c3194990a711b4081ea32a118e16f0d16a82f731ab3368
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5be99f97fb45115073efa3587e760bb9b312d2d8ef859ebd7931201d6202741
cc83138bf06da125f0bfdbd946a9c75a8de73231aca18e73a70a4d46b47976a4
d0243b4ebf399c3017d0ce2420bd3ffa97620966b08e68b2919641add6ec3321
d1dd75679c31a908f45f780b1642556347aca808e411c1e093b160a9523865d6
d23360aa9771de578d1901f1418e1d873402c915cc8c34895c16b7769f3098f7
d6c4e87c95c77ee93ae2d74214b2555f04138d9e63f108321186e84785a69a3b
d75efe3c426c5e94a80e09a4b0e3e18d9af010e51bdca23cd53edce34eca0287
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
d7bf4f54eec81265709736aa5732a3d97e65d0c46558b6add2ece0a6b5e1a7a0
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
d9f6ec62a4ed1b9b7405cce8ca1c9c95661c3850e132e952739993412687e604
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
db34c4763372b47f7d82ac77b93c905a6590fb676e5d224dd6a618f9974ef39d
dd2ad0156905a8daf33187224b46ca38b4aab45601413b54968ef4427b5bf45b
ddd7611b6f7a9db15436891cdcb1c8c4fffb9b10a8399a47542a5a8386465283
de4074357122f6dcee51fb5b3b39d3ad99a460316bd2f9f0a477faf0c1bc3135
de73224ce1835eacc8405d9b93a6a3fb6adba004a3a49fe5ef6e54d00a7e5c43
df6ae6b429c3ac95fca89e849f94af4e386ed765687fe38aabbc75de212055d1
e0be519914da416fb8d4589c687215e9a77c200e51680c6edb30f67144aa66f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78415cad6e6fa06204a916a2f7ba7ff868c6b7a0cf3e564c75e69b8011c4d05
e8731e19e71723ddefa89250fe22f1f9dc976998ae6bc820816b8559b9de2d2d
ea20eed57698c827bf91d418799bb44a4555205a47d1a3e311f88fe1760b5d0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9
f28bb67943d02b75ca344e7d7403636d1174bbf9af444c11d4a0fd5cc0f8da0c
f7096626c6eaa8d7a8d4fb41bbba634e004519c7393d3b57b3c86d9d89c3a4ff
fa7660516acc86f819003d6cd303c45c2feb0a584c0397dfdbe44289f3bba5aa

plo.vn Open in urlscan Pro 42.119.138.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

93 %HTTPS

42 %IPv6

43 Domains

63 Subdomains

52 IPs

10 Countries

2443 kBTransfer

5719 kBSize

24 Cookies

12 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

plo.vn Open in urlscan Pro
42.119.138.4 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

93 %
HTTPS

42 %
IPv6

43
Domains

63
Subdomains

52
IPs

10
Countries

2443 kB
Transfer

5719 kB
Size

24
Cookies

199 HTTP transactions
3 data transactions