www.24h.com.vn Open in urlscan Pro
103.151.240.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.24h.com.vn/
Effective URL:
https://www.24h.com.vn/
Submission: On August 31 via api (August 31st 2021, 8:28:11 am UTC) from SG

Summary HTTP 318 Redirects Behaviour Indicators

Summary

This website contacted 76 IPs in 13 countries across 46 domains to perform 318 HTTP transactions. The main IP is 103.151.240.80, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is www.24h.com.vn.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 7th 2020. Valid for: a year.

This is the only time www.24h.com.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	103.151.240.80 103.151.240.80	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
7 49	64.185.232.226 64.185.232.226	18450 (WEBNX) (WEBNX)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
7	85.217.188.5 85.217.188.5	31490 (NETIX-MGM...) (NETIX-MGMT-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	13.224.90.44 13.224.90.44	16509 (AMAZON-02) (AMAZON-02)
1 3	13.224.93.91 13.224.93.91	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	125.212.247.127 125.212.247.127	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
1	125.212.247.143 125.212.247.143	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
1	2600:9000:219... 2600:9000:2190:2800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2 30	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 4	34.253.169.181 34.253.169.181	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
15 17	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
5 14	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5 7	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	74.125.140.155 74.125.140.155	15169 (GOOGLE) (GOOGLE)
2	54.76.195.222 54.76.195.222	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
38	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
6	13.224.93.66 13.224.93.66	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:13::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:e::7	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2 2	213.155.156.165 213.155.156.165	1299 (TELIANET ...) (TELIANET Telia Carrier)
14	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	52.215.67.233 52.215.67.233	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	91.228.74.198 91.228.74.198	16509 (AMAZON-02) (AMAZON-02)
4 5	18.195.184.159 18.195.184.159	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.45.16.192 52.45.16.192	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.233.75.25 18.233.75.25	14618 (AMAZON-AES) (AMAZON-AES)
318	76

4 103.151.240.80 (Viet Nam) 1 redirects

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

www.24h.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 64.185.232.226 (Los Angeles, United States) 7 redirects

ASN18450 (WEBNX, US)
PTR: 64-185-232-226.static.webnx.com

static-us.24h.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image-us.24h.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 85.217.188.5 (Bulgaria)

ASN31490 (NETIX-MGMT-AS, BG)
PTR: c98f0e6.helph.info

anh.24h.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.93.91 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-91.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg3431.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.212.247.127 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

thongke.24h.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.212.247.143 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

search.24hstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:2800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.253.169.181 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.66 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.53 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.195.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-195-222.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.93.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-66.zrh50.r.cloudfront.net

visitanalytics.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:13::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5lzned.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:e::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5edn6r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.236 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.67.233 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-233.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.80.231 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.198 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.184.159 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-184-159.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.16.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-16-192.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.75.25 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-75-25.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com 2 redirects pagead2.googlesyndication.com 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	494 KB
61	24h.com.vn 8 redirects www.24h.com.vn static-us.24h.com.vn image-us.24h.com.vn anh.24h.com.vn thongke.24h.com.vn	1 MB
42	2mdn.net 2 redirects s0.2mdn.net gcdn.2mdn.net r2---sn-4g5lzned.c.2mdn.net r2---sn-4g5edn6r.c.2mdn.net	6 MB
38	doubleclick.net 15 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net	228 KB
20	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	505 KB
20	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	37 KB
13	casalemedia.com 5 redirects htlb.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com	12 KB
12	google.com 1 redirects analytics.google.com ampcid.google.com www.google.com adservice.google.com	2 KB
10	adsafeprotected.com 2 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	206 KB
8	adnxs.com 5 redirects ib.adnxs.com secure.adnxs.com	7 KB
8	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	18 KB
6	userreport.com visitanalytics.userreport.com	9 KB
6	smartadserver.com prg3431.smartadserver.com rtb-csync.smartadserver.com	2 KB
6	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com dis.criteo.com	7 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	39 KB
6	googletagservices.com www.googletagservices.com	200 KB
5	bidswitch.net 4 redirects x.bidswitch.net	2 KB
5	adform.net 3 redirects c1.adform.net	2 KB
5	ampproject.org cdn.ampproject.org	102 KB
5	google.de www.google.de ampcid.google.de adservice.google.de	924 B
3	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	bidr.io 3 redirects match.prod.bidr.io	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	googleapis.com imasdk.googleapis.com fonts.googleapis.com	121 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	744 B
2	admedo.com 2 redirects pool.admedo.com	715 B
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	887 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	indexww.com js-sec.indexww.com	2 KB
1	adentifi.com rtb.adentifi.com	88 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	simpli.fi um.simpli.fi	611 B
1	onaudience.com 1 redirects pixel.onaudience.com	399 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	consensu.org quantcast.mgr.consensu.org	6 KB
1	24hstatic.com search.24hstatic.com	603 B
1	googletagmanager.com www.googletagmanager.com	61 KB
1	criteo.net static.criteo.net	39 KB
318	46

	Domain	Requested by
38	s0.2mdn.net	www.24h.com.vn s0.2mdn.net
30	tpc.googlesyndication.com	2 redirects www.24h.com.vn securepubads.g.doubleclick.net 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
27	image-us.24h.com.vn	7 redirects www.24h.com.vn
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com tpc.googlesyndication.com fw.adsafeprotected.com s0.2mdn.net www.googletagservices.com
22	static-us.24h.com.vn	www.24h.com.vn
17	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net
10	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net um2.eqads.com
8	simage2.pubmatic.com	ads.pubmatic.com
8	www.google.com	1 redirects www.24h.com.vn 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com tpc.googlesyndication.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.24h.com.vn 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
7	anh.24h.com.vn	www.24h.com.vn
6	image2.pubmatic.com	ads.pubmatic.com
6	visitanalytics.userreport.com	s0.2mdn.net 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
6	encrypted-tbn3.gstatic.com	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
6	www.googletagservices.com	www.24h.com.vn securepubads.g.doubleclick.net 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
5	x.bidswitch.net	4 redirects ssum-sec.casalemedia.com
5	c1.adform.net	3 redirects ads.pubmatic.com ssum-sec.casalemedia.com
5	encrypted-tbn1.gstatic.com	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com www.24h.com.vn
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	prg3431.smartadserver.com	image-us.24h.com.vn
5	fastlane.rubiconproject.com	image-us.24h.com.vn
4	googleads4.g.doubleclick.net	www.24h.com.vn
4	dt.adsafeprotected.com	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
4	www.gstatic.com	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
4	fw.adsafeprotected.com	2 redirects 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	www.24h.com.vn c.amazon-adsystem.com
4	www.24h.com.vn	1 redirects www.24h.com.vn static-us.24h.com.vn
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	match.prod.bidr.io	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.de	www.24h.com.vn
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.24h.com.vn
3	sb.scorecardresearch.com	1 redirects www.24h.com.vn
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync-tm.everesttech.net	2 redirects
2	pool.admedo.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	ade.googlesyndication.com
2	eus.rubiconproject.com	image-us.24h.com.vn eus.rubiconproject.com
2	ads.pubmatic.com	image-us.24h.com.vn ads.pubmatic.com
2	js-sec.indexww.com	image-us.24h.com.vn ssum-sec.casalemedia.com
2	gcdn.2mdn.net	2 redirects
2	static.adsafeprotected.com	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
2	bid.g.doubleclick.net	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
2	encrypted-tbn0.gstatic.com	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
2	fonts.googleapis.com	06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	analytics.google.com	www.googletagmanager.com
2	bidder.criteo.com	image-us.24h.com.vn static.criteo.net
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	token.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	r2---sn-4g5edn6r.c.2mdn.net
1	r2---sn-4g5lzned.c.2mdn.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	mug.criteo.com	www.24h.com.vn
1	ampcid.google.de	www.google-analytics.com
1	quantcast.mgr.consensu.org	www.24h.com.vn
1	search.24hstatic.com	www.24h.com.vn
1	thongke.24h.com.vn	www.24h.com.vn
1	ampcid.google.com	www.google-analytics.com
1	hbopenbid.pubmatic.com	image-us.24h.com.vn
1	htlb.casalemedia.com	image-us.24h.com.vn
1	imasdk.googleapis.com	www.24h.com.vn
1	www.googletagmanager.com	www.24h.com.vn
1	static.criteo.net	www.24h.com.vn
318	90

This site contains no links.

Subject Issuer	Validity	Valid
*.24h.com.vn DigiCert SHA2 Secure Server CA	`2020-10-07` - `2021-11-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.24hstatic.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-24` - `2022-08-25`	2 years	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-18` - `2021-11-17`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.24h.com.vn/
Frame ID: DE25AE35209AC534EB5834C4F2A451DB
Requests: 107 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.24h.com.vn
Frame ID: B318FB3EFA03E01407EF445A5ED7B033
Requests: 2 HTTP requests in this frame

Frame: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9DDAE34AD15A85DCC0C821F9C92EEEED
Requests: 1 HTTP requests in this frame

Frame: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1EF18037E305B3892DFB357034E9DEE0
Requests: 22 HTTP requests in this frame

Frame: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2436273A17BE319FBC8F916CC99E5A91
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 04FEA29CE2F3A5336A0A2B3CDCCF1408
Requests: 17 HTTP requests in this frame

Frame: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86FAC8649EC646B853A29322CEEDAA9D
Requests: 17 HTTP requests in this frame

Frame: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 30F521C50FAD88E145E4FB1B27C1ED40
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNXKJCzcTgTBk65IQejKW9n6u77MWIOu2tlXqplxH3U9vOWtzH-zJWxqwiQawErf5e3RebP3a0NDnB11tLnVZTpOfWGgeTgXK_2s27zgc0lQiTn5YOtq7Yai3U_xkpj2G6G6YI1Gr3iocMxCjfbEVy4GkHaoYMpG-GIVSQF-KI9J5CwXUR4
Frame ID: CB3068D60E15E1019DD6D95E1D3B3E00
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNWDUBs5tjcMp-zxVD5Hq7qVdIQLZxkyE-_hZ0k-36vLz8Ko-M68vFMoAg3pWijxgU8-uLV7YhI-3_v4OqaB3unoqdE7WrvBXpj0f9pH8WKvs3lqMc02PHAF0R20a-F64_dhl8g07fIkFPBlthKTGj9tWjrBU4V2r_AmlnJo8WUFhnBdN-4
Frame ID: D733A099C8D51D4D336E700BB5B7AB1B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0D731EB4E220EC8009FB45B4404BE831
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6ACCCE7CA8ECFE31C090FAC590BEDEF0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5359DCA332D7C761B0F7BEBAB67C021A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 090A97A854A93BB9D7622C095459BC65
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 198B3DFDB15A43E0784F0C9CFCBC6D14
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E3E6681051A53D77D55C874952F90A5A
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
Frame ID: 65250702DE17228D554F0D2DCB17513D
Requests: 21 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
Frame ID: 1D4D001A7BE89CBA0794F560447CBE34
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: 3B616246EAD2439F1CC8192FBD8C0D74
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 36E414B159361AA0B31427D18E388CFB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C6D3C73745CD2CACA81B400A8ADA1BD8
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 632E16E041E3641AC626497D967882BA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: B108975DC04D63773E53622E47BC14DA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: EFD73A6EDF419D9A763F316D9B3C5CC2
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE
Frame ID: 42DE4E21E6EA5E1E5F0EFC571A784868
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8976707504614790935
Frame ID: D35D07E88617B3DADFB6DEBB8851A7A4
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 30DC70DD7D0499BC333CBD00FA9E6A59
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002508142491728012
Frame ID: F68DC17D6156F796BE921F53B54E1E71
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABmWk7CW9AAAB_u0MSjvw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 18473A4DD7A61CF760EF26ED2B7851AB
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 23444D7224D243E1D2361D241EC9254F
Requests: 2 HTTP requests in this frame

Frame: https://visitanalytics.userreport.com/hit.gif?event=iv-inview&f=yes&t=GSKdcm-c26285222-p311351245&env=j&i=no&aid=504056341&pid=311351245&cid=155857246&sid=4721937&rid=156225248&rnd=tssxi8y1t2&v=1b&med=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
Frame ID: 6701691FB5314D702B2DACCBD6EC17B1
Requests: 1 HTTP requests in this frame

Frame: https://visitanalytics.userreport.com/hit.gif?event=iv-inview&f=yes&t=GSKdcm-c26285222-p311351245&env=j&i=no&aid=504056341&pid=311351245&cid=155857246&sid=4721937&rid=156225248&rnd=ytq9zbekqb&v=1b&med=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
Frame ID: A588A3643CC1EF7AEA458B91B1A5690E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.24h.com.vn/ HTTP 301
https://www.24h.com.vn/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

318
Requests

99 %
HTTPS

42 %
IPv6

46
Domains

90
Subdomains

76
IPs

13
Countries

9350 kB
Transfer

14249 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.24h.com.vn/ HTTP 301
https://www.24h.com.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-soccer-ball-96-copy-1541383138-270-width20height20.png HTTP 301
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-soccer-ball-96-copy-1541383138-270-width20height20.png

Request Chain 6

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-increase-96-copy-1541383138-358-width19height19.png HTTP 301
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-increase-96-copy-1541383138-358-width19height19.png

Request Chain 7

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/thitruong-1541409305-47-width20height18.png HTTP 301
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/thitruong-1541409305-47-width20height18.png

Request Chain 8

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/heartbeat1-1541383138-349-width20height18.png HTTP 301
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/heartbeat1-1541383138-349-width20height18.png

Request Chain 9

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-smartphone-tablet-52-copy-1541383138-560-width20height20.png HTTP 301
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-smartphone-tablet-52-copy-1541383138-560-width20height20.png

Request Chain 10

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-globe-962-1541383138-743-width20height20.png HTTP 301
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-globe-962-1541383138-743-width20height20.png

Request Chain 11

https://image-us.24h.com.vn/upload/1-2020/images/2020-01-17/thethao-1579244755-985-width20height22.png HTTP 301
https://anh.24h.com.vn/upload/1-2020/images/2020-01-17/thethao-1579244755-985-width20height22.png

Request Chain 82

https://sb.scorecardresearch.com/b?c1=2&c2=9634358&ns__t=1630398472535&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%20%C4%90%E1%BB%8Dc%20tin%20t%E1%BB%A9c%2024h%20m%E1%BB%9Bi%20nh%E1%BA%A5t&c7=https%3A%2F%2Fwww.24h.com.vn%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9634358&ns__t=1630398472535&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%20%C4%90%E1%BB%8Dc%20tin%20t%E1%BB%A9c%2024h%20m%E1%BB%9Bi%20nh%E1%BA%A5t&c7=https%3A%2F%2Fwww.24h.com.vn%2F&c9=

Request Chain 94

https://gum.criteo.com/sid/json?origin=publishertag&domain=24h.com.vn&sn=ChromeSyncframe&so=0&topUrl=www.24h.com.vn&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Cd0jJHxKU2xkT0xGMEdxVEdiSmhVUlo0UzlobkxKc3FDSjhySFNsMnRGakNhR1hScEx4S2wwTGk2N3d3WDdac2RndlJNUVdLUXdDa2k5SXZUZmRqSU9WcmVsZGx2aWkwbCtLSVo3SU81T3JQaHFXaXNSc083WFhRZmJnMTR0ODRCRkxYbitxK3dzOHpwVHJvSjZZS1Y4bGhqVzRVZ2JiQU1oaWY3QjhGWUFlT2FWdVBob1luRy9DOGVUWE1QblNHTVhrSDByREJIb3ROajhjdHVZaXFaZXhCeUxrOGxBU1BSdmN0Y0RQaFplTkgwR1I0PXw&cppv=2

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 163

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDH5IzPYxCwCRiwCTIIXYfKtB7UCqk HTTP 301
https://tpc.googlesyndication.com/simgad/9773480289729446073

Request Chain 178

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDH5My4ehCwCRisAjIIhc-0bMAo2ZY HTTP 301
https://tpc.googlesyndication.com/simgad/12227418558195100007

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuIPQkVpwSzSnWHby1PmX0&google_cver=1

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS3oDV8MWkkQN3VLOFgngAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuIPQkVpwSzSnWHby1PmX0&google_cver=1

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc= HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_loxGDhNitZ3PlfvxS6u4&google_cver=1

Request Chain 186

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMjQwMDc2ODEzODU3NDMxOA%3D%3D

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1A7d5wru27Pf5wG3i5GF0&google_cver=1

Request Chain 191

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS3oDZbo7aCwBp20o-dfDQAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YS3oDZbo7aCwBp20o-dfDQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtZE-IRtrA80uIbV1J_fOs&google_cver=1

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_loxGDhNitZ3PlfvxS6u4&google_cver=1

Request Chain 193

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA4MjMwNzk4ODk0NTQ4MDI5Ng%3D%3D

Request Chain 194

https://fw.adsafeprotected.com/rfw/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4PvW2lJhw6AypXQV1mCP53tc09nU3yHReIc94_MLpuJzjahD-PNtE3HjkPQgVNUwPFSHRyt71j8MUytKD5dlDqc085AOMyyTPShrM9K1Yo7q-g7ecdE4mbhXNCNlCDVLeetLuimI3zvxH7-dxLOT94SAulbtEqkSAKAmf-BbjUPRmi8p99lyTH7KJfoq1RIF0Ci1Ix4O0n8tfzu0AEEQmTCuuBudLOl2oloQ3SooBuTL8CtztAO1x4dP9h_hvpB8viZl8n_xP86Kv1wHGlH4cqzCGumjF6hS9GLO53KV1MiDT_QxHrsgd7IVMoYMgMkCgjJEe1YY9JcXlg9ysew3C9DfkHkjZaVwxHY2n5KxSQ3Y5-rXHcNgJze-Z1b7UC6E_XdY-LI2lhX1xXyWBdVqTCtg-g-AHqrMoQSsWBbDdZHl7-9su1NtcfYKMZbM2HXt6FEozwntfN5QXaNU6pe0bFNSs_odcI_NtDrnsmqY1SsWsa2xdeH_YKC5Pke3Du6By-V23KrqZ9t3F5R0hyKIcgMkaKoXxJ4Ueql_fEPtXxKyKOBLPiDARz8hnrFiPLYWQe9tRWWtlliZ1zo4d0lK9AYZpqAM-_Rn40vpgQGRUC6WAODRLXYc0o6MzAiDPvyYVF4e_WfUnmsTE2a9HVKOKTLa6LQLC4aArg9-whqa59FMxsSHxSvzDI9W8AuNg65vBsUZxPe6gW5IfxEzjjZ6auEzGdy7GFzCktStWS9iNpeld4pN1szd-Js2V9ClBofrjLknIVHU8P7eBtmgpon9rjue87eRaDUKUHdBOT0-8UWbWjDN4W6rY6gtoCzO7nbHmSpri-TxpFJXDM8owVG7L0Ko44rieFgdbDKVTR6y3hX4fTclEngIG4XrlnVfSJBLcE9ZRTTaWqggvse_4lHHNTO7ywoWyxQB2tmYlfzxn7kGam8RTIDOqUwSRHiZy1OIWt2agLcAX0HzrPTQ_68F5YLvo1ydlvXIFLUd_mOX0Sc_H2qBYGag3xiWCXhrRSK2nSD_IWPZxMjIMHZj8Jh3GCKYM4Wt_n5JxTWf43ribT690j8pHJanPCq0UqHB7CqPt4fAM26WfM74tup7ow_RYyQKhkXI9MSZLcxYhY_IVnGtjM_cgeNxmenN5V5G-mHtRq_UQ6tyaPvjDBtYci3NJeBz5C3s8YXseeoMBZvPSFb1apftew33CL0PuF-gYeGgMzXB2pPkBQy-fsbQG26GtSqM0GZ-ms46FaDOXbGGh3KqXmFcNcOGoPSzSl5OXF39Bl4UB1cpEzV21_WZIgGuBZ2FKyxN5YLq0IL6dSujctbkjKKYdDYoJd9rrv3Wi7IKDMmyJCkkD0IZVCG3FyZerXyw2MfnhSG5dkwtgh0dzg6naXFwkg_OuIpx0btNWKToRTV2eb0FYbvwJVQ6_UbSXAEosirOTI9zRYW3LoLXR1NUrzqp6SnrsEiiqJ2gxSZFDIp1ajFwlYW2O_8Bvov9z5Z9PpN1WfgP6i62bwUmozMta4WUdlZ1xQ_aIXv0Z4frCjMHa-BcUAy_-ZuKhizvdRe0PcGmeTcPD7lIOBfsF9K7lu8CrhSJVnirajK4Gh2AFUYsH0zPXbEuCsngONt38fmS0ls5XBsG5CtltL8GM03qSKQvVRsRFOxfBExCWUCvqKl8neRHygZsZbRXXY1o8s6BFilVlkxMME9yvj75NhLuu3lWqTzzSO8OOLUFtjcUQ_PD386-EF4rpMH6zczMT-jO5iDx_LFWCtiEdHf4YhpICRdoQ-cNK0uxvPmUo57QSZvcfYInVKqzeGn9zIsCKs98ZXgXNW1Ga_imMrbV54LnWSWsTm-2HMjsJiekmXBDEJCO3L1f9o5jeWv-SbwK2s9aCwJYOz9b3bdHoaw3wfGNporCNcpdgkRhAR7spJwLYQKZrXnA_w6KDPEG1DsRCAUm-EpDRoHH1XQULLGCnXglwhYw92IV_9QNEO-EA_AqUU1z7iLoxKc25K0sPWKyu0BcWrLJhUFiWzgBbmws6U1w6ZAafiA31UqjbgjFmdkoppndfjrIEgzxyhU88KjTragIR0Bmg2pRTrjXTuroOqiiLdqP2HkzolNs8QJJjeOPqK0L3NdoexFbBBsrmDq-D29wjcFEmGfSTA4KIa3smstTpG5sr3FV3hZ8aHupL9fw65cw1vkV6G3TM8-KjpJDJwQkErD8oV7vriE85o0LxEBgjkWCNRK4enK7LKiQn6QX5FWFMs-_ulMUwcpHAE0_B9ed-JJChkpAeyDbcFR2x7NwkEROHoYBcM5WvkmEp3IXSfeZW-nwnkJwDp2ZSx_g40bkWR3TTW2_6dk7EC3D5nXYsrRSmoMBenv5XTKsdP8SHLV2FFlRCLXAgG6Bi40qHPpY-1XYeNQk4VkeiGX7ep1ET5GF5tODpxv_oKzBqonCmCZioB2TdkSek4hTt7op-ueDMY9rDOsWTsd0lQhBlEZgyOB23nfJYaQl2imWnvChS-jp2eKv9Sua67f57Jk5gP1FS5ZqkLhZ6m5imdEeG4X26VfurM2iTwLMnFTWfFVtquq2R_OPmQ4WT5Wemfz_P-LRqSdF6S2rYvM47gBYZfi7B8ECTCAH9Oc_kslWb3hh7ORUiS23hQuPWxxkowyxlTnCdXBr-QXWaYqvr5wnzs755UgsVdvn5hyw4Df4BmEdkgwpLUD8Ktf_M2kr8jS-XPar3CQYf9wqqtiCHodJ9P_umpCmnbicOFfSiBZp_XnW6Lk03iHqpz4UK30hWgciQflTrwTG-gDsnNgqZqMwokxiP1NYCTS-U6Xb9BhZdFnB4cze_DPaYHyVdQbuxXw6LXol-QExkcydLEIUzVf0Q5ITGmQN0P3a9Ra7c-weyBB8ZlcsTzeCwNF5z_s3dl6WvSccTCW-6fUTAq76c08E4ccyHHLhm-sHwFeBySz5aCctMedygoiWyIWGhI8kyQt-pCcqtbYUAhrbfyqot08_5aajLYBsUVteaeZvlMAeSL1J2INXMdSGTLM_W97NGfdO9krPJDqN-MT0QZrmid5iKcIRcqswoejR_yLbXlGXM4WTO8yv1dzxqkCHtSCfc_I6jt8D7jNQ6dWsS3myvOFa83zZAdbCVURgEseNLIJQ1Un6rkUzPGoZ3mPMXPfVjVJ1RhIvUxuu0yAS-xZpDzIUShduJ_lftbKFhMT7B_yt2ShhfwLrDLTDvEdXmZjG0IE9MBmWAS5eH9bvheDEoM-21uCreyhD0Q-Uhpf7zmVpFln4PyyhHZBGF0TYkyyz3WxiCloaGQgAEhXkaJk-raiysc5Wcsjfv-s-vg0P-9pgAQ&adsafe_url=https%3A%2F%2Fwww.24h.com.vn%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6e79a47e-b8d3-530c-fd13-d58616e08b2b,c:mRkb4Z,sl:na,em:true,fr:false,thd:1,mn:app22ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sHEtR6T+11%7C12%7C13%7C141%7C142%7C15*.791812-56413830%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:15*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:27,oid:582a3c62-0a35-11ec-ac91-06da572054ee,v:19.8.241,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4PvW2lJhw6AypXQV1mCP53tc09nU3yHReIc94_MLpuJzjahD-PNtE3HjkPQgVNUwPFSHRyt71j8MUytKD5dlDqc085AOMyyTPShrM9K1Yo7q-g7ecdE4mbhXNCNlCDVLeetLuimI3zvxH7-dxLOT94SAulbtEqkSAKAmf-BbjUPRmi8p99lyTH7KJfoq1RIF0Ci1Ix4O0n8tfzu0AEEQmTCuuBudLOl2oloQ3SooBuTL8CtztAO1x4dP9h_hvpB8viZl8n_xP86Kv1wHGlH4cqzCGumjF6hS9GLO53KV1MiDT_QxHrsgd7IVMoYMgMkCgjJEe1YY9JcXlg9ysew3C9DfkHkjZaVwxHY2n5KxSQ3Y5-rXHcNgJze-Z1b7UC6E_XdY-LI2lhX1xXyWBdVqTCtg-g-AHqrMoQSsWBbDdZHl7-9su1NtcfYKMZbM2HXt6FEozwntfN5QXaNU6pe0bFNSs_odcI_NtDrnsmqY1SsWsa2xdeH_YKC5Pke3Du6By-V23KrqZ9t3F5R0hyKIcgMkaKoXxJ4Ueql_fEPtXxKyKOBLPiDARz8hnrFiPLYWQe9tRWWtlliZ1zo4d0lK9AYZpqAM-_Rn40vpgQGRUC6WAODRLXYc0o6MzAiDPvyYVF4e_WfUnmsTE2a9HVKOKTLa6LQLC4aArg9-whqa59FMxsSHxSvzDI9W8AuNg65vBsUZxPe6gW5IfxEzjjZ6auEzGdy7GFzCktStWS9iNpeld4pN1szd-Js2V9ClBofrjLknIVHU8P7eBtmgpon9rjue87eRaDUKUHdBOT0-8UWbWjDN4W6rY6gtoCzO7nbHmSpri-TxpFJXDM8owVG7L0Ko44rieFgdbDKVTR6y3hX4fTclEngIG4XrlnVfSJBLcE9ZRTTaWqggvse_4lHHNTO7ywoWyxQB2tmYlfzxn7kGam8RTIDOqUwSRHiZy1OIWt2agLcAX0HzrPTQ_68F5YLvo1ydlvXIFLUd_mOX0Sc_H2qBYGag3xiWCXhrRSK2nSD_IWPZxMjIMHZj8Jh3GCKYM4Wt_n5JxTWf43ribT690j8pHJanPCq0UqHB7CqPt4fAM26WfM74tup7ow_RYyQKhkXI9MSZLcxYhY_IVnGtjM_cgeNxmenN5V5G-mHtRq_UQ6tyaPvjDBtYci3NJeBz5C3s8YXseeoMBZvPSFb1apftew33CL0PuF-gYeGgMzXB2pPkBQy-fsbQG26GtSqM0GZ-ms46FaDOXbGGh3KqXmFcNcOGoPSzSl5OXF39Bl4UB1cpEzV21_WZIgGuBZ2FKyxN5YLq0IL6dSujctbkjKKYdDYoJd9rrv3Wi7IKDMmyJCkkD0IZVCG3FyZerXyw2MfnhSG5dkwtgh0dzg6naXFwkg_OuIpx0btNWKToRTV2eb0FYbvwJVQ6_UbSXAEosirOTI9zRYW3LoLXR1NUrzqp6SnrsEiiqJ2gxSZFDIp1ajFwlYW2O_8Bvov9z5Z9PpN1WfgP6i62bwUmozMta4WUdlZ1xQ_aIXv0Z4frCjMHa-BcUAy_-ZuKhizvdRe0PcGmeTcPD7lIOBfsF9K7lu8CrhSJVnirajK4Gh2AFUYsH0zPXbEuCsngONt38fmS0ls5XBsG5CtltL8GM03qSKQvVRsRFOxfBExCWUCvqKl8neRHygZsZbRXXY1o8s6BFilVlkxMME9yvj75NhLuu3lWqTzzSO8OOLUFtjcUQ_PD386-EF4rpMH6zczMT-jO5iDx_LFWCtiEdHf4YhpICRdoQ-cNK0uxvPmUo57QSZvcfYInVKqzeGn9zIsCKs98ZXgXNW1Ga_imMrbV54LnWSWsTm-2HMjsJiekmXBDEJCO3L1f9o5jeWv-SbwK2s9aCwJYOz9b3bdHoaw3wfGNporCNcpdgkRhAR7spJwLYQKZrXnA_w6KDPEG1DsRCAUm-EpDRoHH1XQULLGCnXglwhYw92IV_9QNEO-EA_AqUU1z7iLoxKc25K0sPWKyu0BcWrLJhUFiWzgBbmws6U1w6ZAafiA31UqjbgjFmdkoppndfjrIEgzxyhU88KjTragIR0Bmg2pRTrjXTuroOqiiLdqP2HkzolNs8QJJjeOPqK0L3NdoexFbBBsrmDq-D29wjcFEmGfSTA4KIa3smstTpG5sr3FV3hZ8aHupL9fw65cw1vkV6G3TM8-KjpJDJwQkErD8oV7vriE85o0LxEBgjkWCNRK4enK7LKiQn6QX5FWFMs-_ulMUwcpHAE0_B9ed-JJChkpAeyDbcFR2x7NwkEROHoYBcM5WvkmEp3IXSfeZW-nwnkJwDp2ZSx_g40bkWR3TTW2_6dk7EC3D5nXYsrRSmoMBenv5XTKsdP8SHLV2FFlRCLXAgG6Bi40qHPpY-1XYeNQk4VkeiGX7ep1ET5GF5tODpxv_oKzBqonCmCZioB2TdkSek4hTt7op-ueDMY9rDOsWTsd0lQhBlEZgyOB23nfJYaQl2imWnvChS-jp2eKv9Sua67f57Jk5gP1FS5ZqkLhZ6m5imdEeG4X26VfurM2iTwLMnFTWfFVtquq2R_OPmQ4WT5Wemfz_P-LRqSdF6S2rYvM47gBYZfi7B8ECTCAH9Oc_kslWb3hh7ORUiS23hQuPWxxkowyxlTnCdXBr-QXWaYqvr5wnzs755UgsVdvn5hyw4Df4BmEdkgwpLUD8Ktf_M2kr8jS-XPar3CQYf9wqqtiCHodJ9P_umpCmnbicOFfSiBZp_XnW6Lk03iHqpz4UK30hWgciQflTrwTG-gDsnNgqZqMwokxiP1NYCTS-U6Xb9BhZdFnB4cze_DPaYHyVdQbuxXw6LXol-QExkcydLEIUzVf0Q5ITGmQN0P3a9Ra7c-weyBB8ZlcsTzeCwNF5z_s3dl6WvSccTCW-6fUTAq76c08E4ccyHHLhm-sHwFeBySz5aCctMedygoiWyIWGhI8kyQt-pCcqtbYUAhrbfyqot08_5aajLYBsUVteaeZvlMAeSL1J2INXMdSGTLM_W97NGfdO9krPJDqN-MT0QZrmid5iKcIRcqswoejR_yLbXlGXM4WTO8yv1dzxqkCHtSCfc_I6jt8D7jNQ6dWsS3myvOFa83zZAdbCVURgEseNLIJQ1Un6rkUzPGoZ3mPMXPfVjVJ1RhIvUxuu0yAS-xZpDzIUShduJ_lftbKFhMT7B_yt2ShhfwLrDLTDvEdXmZjG0IE9MBmWAS5eH9bvheDEoM-21uCreyhD0Q-Uhpf7zmVpFln4PyyhHZBGF0TYkyyz3WxiCloaGQgAEhXkaJk-raiysc5Wcsjfv-s-vg0P-9pgAQ

Request Chain 198

https://fw.adsafeprotected.com/rfw/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm2hVcckEP7QiMqqHTTq3RK5hTikw-qLa-ZslLE1LUSb3eWK-h4uGYuvfvI1JHYvvC0j4fdIjOQ050sDxYdJW0RXbgTwAjMXr-Bud6EqkSAKAmf-C-gzsBp_oWTqtczCNQqqk-Nwpai-RgbGm2sAl8yO0pdKfsZO-m760Z6K7X3M3xkkMubgwBV-6PJP-L_kzZHzQ370-NEP13CyscRejIUqDQ4w_cTMP0IA627A9ILQADu2blhTRzOUvqcDNRWJsPWXoy3CiD3GLYb9FAcD_Zo3WDWEaarljpfNcCrE3DLiG5oXPz7Ug_L87UcqmbVvjlMe6Jx3zx_mg_gL_WYeeVFe9oNZzAZ6VNqbAPIagzAwCRuE3VN9Yoh2l8J28wdH8dbrG8EdRWOsAEBu-vkvQgLheO1ZGwWxVSkBcm1Vbo3xdW9Y0DW7Ik6_1gSL4RfI4jgR7Es8W_dDY4k913xiOUtvl5_K2X31jOUr89y1YBhMu_LvAjtwyuaU-cGJPJ2lnxAg-JSYcPvNaWR6qhyvQMJgUfbhlnAGCIs_UwVflq2hFVe1Dgkfyp8UHsazYDnL5YDiln6xvObhmTWUQ0n7SMShFNUwpgI0DS4s4JE6Fl1Rt5KUAl97NqN5CP4aSVLU5FoXznApNk4v4lzWltWgR6HhTARsbyqAbYgSeZqMLgzEF6KarnNQbIMQvl77pnym1Vmm4--X068L2DnDH-amZWumR_Co05tBzE2RpsExLPfO7gULvuKNw7X-ffmfmsagfv7FnAZSt4zqPT_udM9Mrb7drrOVB1Ts2haPgrOPa4ZsFO0ITcS2aFxVCB33sYwiXLncBQSLzHdf-XlZ13EK0nl0gDSPjKQtek96bXmuElOv4mIZaHaiiShSvuaPJEUXdc9VgVP3edcnnDE_-WmKWqmCM3HsbCX7yqJu0z_tFL2VWJdzqUvSL6FOigTJlMqSimMHtmJ7aLYor8FuiYiyA-0lOnyWYeIfgnDPmtq0gDPgG7h75FcwnBSMkdfBphNYXCNpRqM6WadJl6Z5inDGuGQds5HkCKRC2g5D97qfL1PLXphokLpppOfFs9S8PhGD0IXPIGAs7XAekE-pfIgynidePmZZAERo6O47ZDX1OX5vhc3Tur7YIMtQ-DS1oBuO-aX9DvFkOlhmjbjAdUKyKK-YuLP7DGbHVd8IsMRBqoFcdyC3E6OHr7E13Bbiz06x0VgxGMkanctaEXxnmlrkwDmEfyzmEgP_Ce_m3EuaeNlEjejFpL2TyeVRlF0iq7LNATMDt_zEok2-GGcXXZXZx9p5qImw4iF0klGjOt5BUTgT-6Km-7avNUGQpmUBYB_OKwiQPAkYPh4ORS_mMJVTMh-0u0t0tW7rVuoEIJVfvxGkojYzwnStjRk2VrqtNmVRenowsP5qL93-zuzfBkCY_r2jWfZYXKOesf3ZD_0xEKCBAAERVPKU7qqIIJqO1u5XfR2__TJpUvkRJEcE6X8OsWQHoU_sRfWF3Z9vCwAasV8BVPdUJ3kjlME-lofvRDa_V2VvDFCwa6nueIxdN25ufKFXYt1zJvjfSTIIPWYTCNUF0NxemnOEuEV-h-y9qV6GCCzoUivFkZPlKUPLrSo-h2RRgb1b7_pyf5-9QMejRX5m4G8gORDXNPWFfaFDVqaWOv6AsNdiKFWhATEyaPM-lHCNyfX8gK_vhxzj-hGyiwDZyYoQcd-1N19ZYsE7KP4Xgktqbc5v2IZoXToEGXqEXf-xcXdqcAR92JqUo7WAVfJIGCeuR6gjxtSqASpp9y3v2Rg9jg_6NmbC7RUZVZAK2whfnttCIt4woS7DELhQMhyp22w_A8ZPnvRF0q3WYR9Qn6xr6lGru7unTM95ZUxmou9gSdW278HCF_Pv14ec9nMeo3BBv1PcdAnOm9QLY2Yx0MBL5f_MtMaSrFWbssNvqPyNOKCDTHXaLSfUV6qdQSweQQIPOG9mDPN1bAKFS7TMksfJkvdq2fBzxVDygMqd1uI0gjlJjQ77QzKDEnaLofGEBRQ0-HV4YCC5gPAcj2JtHjCcPp1T7EucDzfC0ghq7qGY4buY-VD-T76QVoMkMxZSuKwHdho_-r8KkCbQDWh6zreE-vCgYo-UmbFqkvmzsSZTQYHwvClh5amUnMijXLRuu7KyVXO8pl0x_KqVVlGVYZg2u938YeJaQ_xB0pVrVWCVfrBRJgJ6WqLFthgqDUORZ5OV9YbRNin-WuRlkW0-vTSxD9FbrL7UofOqKgEh23v8VNdXL_r_CF2TiE6em05riIPJZ4wja5wYkfZ60dGKeEj_1emaWM99PurVeneCKO7pke2Cj07Th6MRIO6J2REMncoZM5DF8s4C-uv7oKPWRCC8iH4lBuIsfF5kspYGwpGj_rYj9r2M6FxnEB5yXpQSPJKIIg1vkYRskgSifQLQRSyjfc320-eGtF_C7-p0ZlkWMTV5Q6Vcdktju8mhh1Noz-fwUD41ALaA5lJN9B_u1Vu3wJRLyL5jN0skwjtvhj2MkUp2PT-GcMtKzs71PhLVJs4_Vpbp1mrbh52HbfmRV6Ypq4REwhFXc6jOeqxYx1K2TgPhVaqW-5DiIrS4vMMb-JlkQTJT_c1oqak0SNDF_IeWLDVE-1bSM9Vt6OjBgGVQFYCqEh6SS85gBDYNU3f1k63ZZLEZtbR5dtWl3JoWsggCwh4bEKNLYHFHjq44EFQDdgI04vUo7oEZF35NxQcVtP2dlKgDFQ99mKLM-oRK3JV4PwNq1Z-2ylv2kyiqx5BfW-iPtcjTPadQphOEbe8cqy1rmSk2JqlSpuNaUXOxbq3ed_3vIWELdiGHgZwPQgDGYlkH7aWOPniXWy6ylIrjAJ8Xi-RDV8a-W8v5p6m6b99r1YJXt-U_FAEgXlyqUAWO5ej6aPHpBAXi15oX_qui5PmjoH6uDfcKrn78uJXoibR1fYYC859kSROdxdtrf5isDFa0kFxWqOxLwE7SOnp6VcHahHsth9T9R0n5K0fLu4euIrBcEms0_FwtHgaUBWMiU5FPPje9EmfsUntNzEp2hLgdZ92hEcxoDQyj_C-12lCiX6IcyglBvGx2sg2l8N8LAu1HbMCIWqiSU7dnyYbU9t4atrqPxtNi7vLH5WJQYBNJuXlTF9JMg4mUw6KlT0P3W8jxdbG04672Eo9qCf7QYcCgZs3wqgfW74hMIS7wwdBCIRPzeasjtATL_68V59CQ-DZM7-tHsaGQgAEhXkaI8HwIUuRcGTqR2GnXScPg_K8eZgAQ&adsafe_url=https%3A%2F%2Fwww.24h.com.vn%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9357ac0a-5fca-b60c-45ed-cd30377541e8,c:mRkb6p,sl:na,em:true,fr:false,thd:1,mn:app17ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sHEtR8h+11%7C12%7C13%7C14*.791812-56413830%7C141%7C142%7C151%7C152%7C153%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:14*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:582a89ff-0a35-11ec-ab23-0289e6fd96ae,v:19.8.241,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm2hVcckEP7QiMqqHTTq3RK5hTikw-qLa-ZslLE1LUSb3eWK-h4uGYuvfvI1JHYvvC0j4fdIjOQ050sDxYdJW0RXbgTwAjMXr-Bud6EqkSAKAmf-C-gzsBp_oWTqtczCNQqqk-Nwpai-RgbGm2sAl8yO0pdKfsZO-m760Z6K7X3M3xkkMubgwBV-6PJP-L_kzZHzQ370-NEP13CyscRejIUqDQ4w_cTMP0IA627A9ILQADu2blhTRzOUvqcDNRWJsPWXoy3CiD3GLYb9FAcD_Zo3WDWEaarljpfNcCrE3DLiG5oXPz7Ug_L87UcqmbVvjlMe6Jx3zx_mg_gL_WYeeVFe9oNZzAZ6VNqbAPIagzAwCRuE3VN9Yoh2l8J28wdH8dbrG8EdRWOsAEBu-vkvQgLheO1ZGwWxVSkBcm1Vbo3xdW9Y0DW7Ik6_1gSL4RfI4jgR7Es8W_dDY4k913xiOUtvl5_K2X31jOUr89y1YBhMu_LvAjtwyuaU-cGJPJ2lnxAg-JSYcPvNaWR6qhyvQMJgUfbhlnAGCIs_UwVflq2hFVe1Dgkfyp8UHsazYDnL5YDiln6xvObhmTWUQ0n7SMShFNUwpgI0DS4s4JE6Fl1Rt5KUAl97NqN5CP4aSVLU5FoXznApNk4v4lzWltWgR6HhTARsbyqAbYgSeZqMLgzEF6KarnNQbIMQvl77pnym1Vmm4--X068L2DnDH-amZWumR_Co05tBzE2RpsExLPfO7gULvuKNw7X-ffmfmsagfv7FnAZSt4zqPT_udM9Mrb7drrOVB1Ts2haPgrOPa4ZsFO0ITcS2aFxVCB33sYwiXLncBQSLzHdf-XlZ13EK0nl0gDSPjKQtek96bXmuElOv4mIZaHaiiShSvuaPJEUXdc9VgVP3edcnnDE_-WmKWqmCM3HsbCX7yqJu0z_tFL2VWJdzqUvSL6FOigTJlMqSimMHtmJ7aLYor8FuiYiyA-0lOnyWYeIfgnDPmtq0gDPgG7h75FcwnBSMkdfBphNYXCNpRqM6WadJl6Z5inDGuGQds5HkCKRC2g5D97qfL1PLXphokLpppOfFs9S8PhGD0IXPIGAs7XAekE-pfIgynidePmZZAERo6O47ZDX1OX5vhc3Tur7YIMtQ-DS1oBuO-aX9DvFkOlhmjbjAdUKyKK-YuLP7DGbHVd8IsMRBqoFcdyC3E6OHr7E13Bbiz06x0VgxGMkanctaEXxnmlrkwDmEfyzmEgP_Ce_m3EuaeNlEjejFpL2TyeVRlF0iq7LNATMDt_zEok2-GGcXXZXZx9p5qImw4iF0klGjOt5BUTgT-6Km-7avNUGQpmUBYB_OKwiQPAkYPh4ORS_mMJVTMh-0u0t0tW7rVuoEIJVfvxGkojYzwnStjRk2VrqtNmVRenowsP5qL93-zuzfBkCY_r2jWfZYXKOesf3ZD_0xEKCBAAERVPKU7qqIIJqO1u5XfR2__TJpUvkRJEcE6X8OsWQHoU_sRfWF3Z9vCwAasV8BVPdUJ3kjlME-lofvRDa_V2VvDFCwa6nueIxdN25ufKFXYt1zJvjfSTIIPWYTCNUF0NxemnOEuEV-h-y9qV6GCCzoUivFkZPlKUPLrSo-h2RRgb1b7_pyf5-9QMejRX5m4G8gORDXNPWFfaFDVqaWOv6AsNdiKFWhATEyaPM-lHCNyfX8gK_vhxzj-hGyiwDZyYoQcd-1N19ZYsE7KP4Xgktqbc5v2IZoXToEGXqEXf-xcXdqcAR92JqUo7WAVfJIGCeuR6gjxtSqASpp9y3v2Rg9jg_6NmbC7RUZVZAK2whfnttCIt4woS7DELhQMhyp22w_A8ZPnvRF0q3WYR9Qn6xr6lGru7unTM95ZUxmou9gSdW278HCF_Pv14ec9nMeo3BBv1PcdAnOm9QLY2Yx0MBL5f_MtMaSrFWbssNvqPyNOKCDTHXaLSfUV6qdQSweQQIPOG9mDPN1bAKFS7TMksfJkvdq2fBzxVDygMqd1uI0gjlJjQ77QzKDEnaLofGEBRQ0-HV4YCC5gPAcj2JtHjCcPp1T7EucDzfC0ghq7qGY4buY-VD-T76QVoMkMxZSuKwHdho_-r8KkCbQDWh6zreE-vCgYo-UmbFqkvmzsSZTQYHwvClh5amUnMijXLRuu7KyVXO8pl0x_KqVVlGVYZg2u938YeJaQ_xB0pVrVWCVfrBRJgJ6WqLFthgqDUORZ5OV9YbRNin-WuRlkW0-vTSxD9FbrL7UofOqKgEh23v8VNdXL_r_CF2TiE6em05riIPJZ4wja5wYkfZ60dGKeEj_1emaWM99PurVeneCKO7pke2Cj07Th6MRIO6J2REMncoZM5DF8s4C-uv7oKPWRCC8iH4lBuIsfF5kspYGwpGj_rYj9r2M6FxnEB5yXpQSPJKIIg1vkYRskgSifQLQRSyjfc320-eGtF_C7-p0ZlkWMTV5Q6Vcdktju8mhh1Noz-fwUD41ALaA5lJN9B_u1Vu3wJRLyL5jN0skwjtvhj2MkUp2PT-GcMtKzs71PhLVJs4_Vpbp1mrbh52HbfmRV6Ypq4REwhFXc6jOeqxYx1K2TgPhVaqW-5DiIrS4vMMb-JlkQTJT_c1oqak0SNDF_IeWLDVE-1bSM9Vt6OjBgGVQFYCqEh6SS85gBDYNU3f1k63ZZLEZtbR5dtWl3JoWsggCwh4bEKNLYHFHjq44EFQDdgI04vUo7oEZF35NxQcVtP2dlKgDFQ99mKLM-oRK3JV4PwNq1Z-2ylv2kyiqx5BfW-iPtcjTPadQphOEbe8cqy1rmSk2JqlSpuNaUXOxbq3ed_3vIWELdiGHgZwPQgDGYlkH7aWOPniXWy6ylIrjAJ8Xi-RDV8a-W8v5p6m6b99r1YJXt-U_FAEgXlyqUAWO5ej6aPHpBAXi15oX_qui5PmjoH6uDfcKrn78uJXoibR1fYYC859kSROdxdtrf5isDFa0kFxWqOxLwE7SOnp6VcHahHsth9T9R0n5K0fLu4euIrBcEms0_FwtHgaUBWMiU5FPPje9EmfsUntNzEp2hLgdZ92hEcxoDQyj_C-12lCiX6IcyglBvGx2sg2l8N8LAu1HbMCIWqiSU7dnyYbU9t4atrqPxtNi7vLH5WJQYBNJuXlTF9JMg4mUw6KlT0P3W8jxdbG04672Eo9qCf7QYcCgZs3wqgfW74hMIS7wwdBCIRPzeasjtATL_68V59CQ-DZM7-tHsaGQgAEhXkaI8HwIUuRcGTqR2GnXScPg_K8eZgAQ

Request Chain 264

https://gcdn.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/A1F03B92BC453F75333837BFA682ABF4E5943C86.4EE9ABDF9C2AD424BB42D00B5C999DBC42620574/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5lzned.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/726848F51DDC9F6CE8C6E66D3D3C68D95F9F9058.2CAE009E26CB6585A41C51BBF3380080791295FE/key/cms1/cms_redirect/yes/mh/Vb/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5lzned/ms/onc/mt/1630398269/mv/m/mvi/2/pl/47/file/file.mp4

Request Chain 269

https://gcdn.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/A1F03B92BC453F75333837BFA682ABF4E5943C86.4EE9ABDF9C2AD424BB42D00B5C999DBC42620574/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6EFD05F2D1B01752B8A7801135A89A88C8C00298.5BE816D3E0EDFD2BB6ABED802C7959393BEBBC2E/key/cms1/cms_redirect/yes/mh/Vb/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1630398033/mv/m/mvi/2/pl/47/file/file.mp4

Request Chain 283

https://c1.adform.net/serving/cookie/match?party=14&cid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE

Request Chain 284

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8976707504614790935

Request Chain 286

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002508142491728012

Request Chain 287

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbVdrN0NXOUFBQUJfdTBNU2p2dw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABmWk7CW9AAAB_u0MSjvw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FOqDFbzxS6KBvuOPMzp77g%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 289

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b1a2612d-e80e-4100-9bae-c4c66f8e154e

Request Chain 290

https://pixel.onaudience.com/?partner=214&mapped=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=e989e6dd4163b40f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7354ac79-425a-48d2-75f6-1e8d9c3ef776&reqId=bd2acbeb-9406-4c99-6ab2-ca3f93be5cbb&zcluid=e989e6dd4163b40f&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEPxwctu_WXmvSodlrk0gHmU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7354ac79-425a-48d2-75f6-1e8d9c3ef776&reqId=bd2acbeb-9406-4c99-6ab2-ca3f93be5cbb&zcluid=e989e6dd4163b40f&zdid=1332

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTRFQTgzMTUtQkNGMS00QkEyLTgxQkUtRTM4RjMzM0E3QkVF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGaGtuafjs5uHMp-GlyhxKQ&google_cver=1

Request Chain 294

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2351937589411359512

Request Chain 295

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0da3612d-e80e-4300-bb42-20aeefb3d79b&gdpr=0&gdpr_consent=

Request Chain 296

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b5763dac-8bcb-4a4c-9ba9-63576ee6b8fc

Request Chain 297

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8932400768138574318&gdpr=0&gdpr_consent=

Request Chain 298

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cQkbjlZE2uVB2sQYg8J2DuG2n7hRNz8-~A&gdpr=0&gdpr_consent=

Request Chain 300

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ncr_iWbD_Ysuz_XVMJ3g1GWfqdwunfyMZc664BLM

Request Chain 301

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4fb2e809-de1b-4efd-9dbe-b2efea4e081b HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4fb2e809-de1b-4efd-9dbe-b2efea4e081b HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=240d30d9-8143-44b1-b4ed-823341d48115&user_group=1&ssp=pubmatic&bsw_param=4fb2e809-de1b-4efd-9dbe-b2efea4e081b HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=240d30d9-8143-44b1-b4ed-823341d48115&user_group=1&ssp=pubmatic&bsw_param=4fb2e809-de1b-4efd-9dbe-b2efea4e081b HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=113f68bc-cb2a-430a-aec4-739d3bf4c32f&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 302

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7913675282213420984&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 303

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YS3oDwAEFFlglgAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS3oDwAEFFlglgAC&gdpr=0&gdpr_consent=&_test=YS3oDwAEFFlglgAC

Request Chain 305

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 306

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f26c7199-64cf-40f6-b98e-692c3493277e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 307

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS3oDV8MWkkQN3VLOFgngAAABzUAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS3oDV8MWkkQN3VLOFgngAAABzUAAAIB&dcc=t

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS3oDV8MWkkQN3VLOFgngAAABzUAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPHI6ZXZu6_mO-EVMHGwbkU&google_cver=1

Request Chain 315

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 321

https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d9e4a908-e83f-4d38-a05c-ef74bed200b8&expiration=1638347280 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d9e4a908-e83f-4d38-a05c-ef74bed200b8&expiration=1638347280&C=1

318 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.24h.com.vn/
Redirect Chain

http://www.24h.com.vn/
https://www.24h.com.vn/

601 KB
152 KB

874ms
423ms

Document
text/html

103.151.240.80
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.80 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: eceff0e8baa41142171d28465ed7a7a3526cc4d2c8f69b0f13be4937f878252c

Request headers

:method: GET
:authority: www.24h.com.vn
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Tue, 31 Aug 2021 08:27:50 GMT
content-type: text/html; charset=UTF-8
cache-control: public
expires: Tue, 31 Aug 2021 08:28:50 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
lbsrv: 3

Redirect headers

content-length: 0
location: https://www.24h.com.vn/

GET
H/1.1 200
OK 24huidutil.min.js Show response
static-us.24h.com.vn/js/24hgatracking/fe/prod/ 111 KB
41 KB 1174ms
324ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 3c43eebd87cf46dbbcff6837ad3e4c214d23754e2a4e776a997106aaf711a2e0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Sep 2020 02:13:20 GMT
Server: 24h.com.vn
ETag: W/"5f6d5240-1bdb2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 07 Sep 2021 08:27:51 GMT

GET
H/1.1 200
OK prebid3.27.1_24h_us.js Show response
image-us.24h.com.vn/upload/24h_js_library/ 206 KB
73 KB 1059ms
330ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 686747a56dcd11c85427011faec4c07895a0dad0ade73aa0e44f51e362731f04

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Oct 2020 02:27:27 GMT
Server: 24h.com.vn
ETag: W/"5f89050f-338a3"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Thu, 30 Sep 2021 08:27:51 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 118 KB
39 KB 93ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:51 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 15:58:03 GMT
server: nginx
etag: W/"6115450b-1d808"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 01 Sep 2021 08:27:51 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 72 KB
25 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f335f1cb8313a9babd360faedfdb1c6c840ed0abdeb6b0679e2e8859a604a123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "974 / 352 of 1000 / last-modified: 1630361820"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25579
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 18ms
13ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-24EL5B93N8

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c783ce843ae6f0f11bfca4ee856adce9d70196f162aec1208ae9ac8d6b7995b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62842
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:52 GMT

GET
H2

200

icons8-soccer-ball-96-copy-1541383138-270-width20height20.png
anh.24h.com.vn/upload/4-2018/images/2018-11-05/
Redirect Chain

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-soccer-ball-96-copy-1541383138-270-width20height20.png
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-soccer-ball-96-copy-1541383138-270-width20height20.png

1 KB
1 KB

78ms
78ms

Image
image/png

85.217.188.5
NETIX-MGMT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-soccer-ball-96-copy-1541383138-270-width20height20.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS: c98f0e6.helph.info
Software: nginx /
Resource Hash: 80766b07504ff14ee113f87bbade39ac042d74d432879a32e3d924604a85e4bd

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:55 GMT
last-modified: Mon, 05 Nov 2018 01:59:02 GMT
server: nginx
age: 808
etag: "5bdfa3e6-5a1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h2="45.117.160.134:443"; ma=900
content-length: 1441
expires: Wed, 01 Sep 2021 08:14:27 GMT

Redirect headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
X-Content-Type-Options: nosniff
Server: 24h.com.vn
Location: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-soccer-ball-96-copy-1541383138-270-width20height20.png
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 191
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

icons8-increase-96-copy-1541383138-358-width19height19.png
anh.24h.com.vn/upload/4-2018/images/2018-11-05/
Redirect Chain

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-increase-96-copy-1541383138-358-width19height19.png
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-increase-96-copy-1541383138-358-width19height19.png

1 KB
1 KB

80ms
79ms

Image
image/png

85.217.188.5
NETIX-MGMT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-increase-96-copy-1541383138-358-width19height19.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS: c98f0e6.helph.info
Software: nginx /
Resource Hash: 5b5ebec082cb17290eed9104cc87452924b61e8f8c3d72617ff0b0e795830b37

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:55 GMT
last-modified: Mon, 05 Nov 2018 01:59:02 GMT
server: nginx
age: 808
etag: "5bdfa3e6-522"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h2="45.117.160.134:443"; ma=900
content-length: 1314
expires: Wed, 01 Sep 2021 08:14:27 GMT

Redirect headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
X-Content-Type-Options: nosniff
Server: 24h.com.vn
Location: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-increase-96-copy-1541383138-358-width19height19.png
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 191
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

thitruong-1541409305-47-width20height18.png
anh.24h.com.vn/upload/4-2018/images/2018-11-05/
Redirect Chain

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/thitruong-1541409305-47-width20height18.png
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/thitruong-1541409305-47-width20height18.png

1 KB
1 KB

78ms
78ms

Image
image/png

85.217.188.5
NETIX-MGMT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/thitruong-1541409305-47-width20height18.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS: c98f0e6.helph.info
Software: nginx /
Resource Hash: 329a2c389a4b4990cfbfb27a920eb8f4d520d139b84c872c7f29f3e36fcb5d13

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:55 GMT
last-modified: Mon, 05 Nov 2018 09:15:31 GMT
server: nginx
age: 808
etag: "5be00a33-525"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h2="45.117.160.134:443"; ma=900
content-length: 1317
expires: Wed, 01 Sep 2021 08:14:27 GMT

Redirect headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
X-Content-Type-Options: nosniff
Server: 24h.com.vn
Location: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/thitruong-1541409305-47-width20height18.png
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 191
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

heartbeat1-1541383138-349-width20height18.png
anh.24h.com.vn/upload/4-2018/images/2018-11-05/
Redirect Chain

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/heartbeat1-1541383138-349-width20height18.png
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/heartbeat1-1541383138-349-width20height18.png

1 KB
1 KB

79ms
78ms

Image
image/png

85.217.188.5
NETIX-MGMT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/heartbeat1-1541383138-349-width20height18.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS: c98f0e6.helph.info
Software: nginx /
Resource Hash: 59a61ff77e1403098b19dd0cd085402a25d832ea434c8dc61d19f72eb1c505f8

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:55 GMT
last-modified: Mon, 05 Nov 2018 01:59:02 GMT
server: nginx
age: 808
etag: "5bdfa3e6-52f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h2="45.117.160.134:443"; ma=900
content-length: 1327
expires: Wed, 01 Sep 2021 08:14:27 GMT

Redirect headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
X-Content-Type-Options: nosniff
Server: 24h.com.vn
Location: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/heartbeat1-1541383138-349-width20height18.png
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 191
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

icons8-smartphone-tablet-52-copy-1541383138-560-width20height20.png
anh.24h.com.vn/upload/4-2018/images/2018-11-05/
Redirect Chain

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-smartphone-tablet-52-copy-1541383138-560-width20height20.png
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-smartphone-tablet-52-copy-1541383138-560-width20height20.png

1 KB
1 KB

80ms
80ms

Image
image/png

85.217.188.5
NETIX-MGMT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-smartphone-tablet-52-copy-1541383138-560-width20height20.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS: c98f0e6.helph.info
Software: nginx /
Resource Hash: e8cbb2f433b4aad3a188ceaaca11a27a73916ef87f262e9038808687986ce4f8

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:55 GMT
last-modified: Mon, 05 Nov 2018 01:59:02 GMT
server: nginx
age: 808
etag: "5bdfa3e6-546"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h2="45.117.160.134:443"; ma=900
content-length: 1350
expires: Wed, 01 Sep 2021 08:14:27 GMT

Redirect headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
X-Content-Type-Options: nosniff
Server: 24h.com.vn
Location: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-smartphone-tablet-52-copy-1541383138-560-width20height20.png
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 191
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

icons8-globe-962-1541383138-743-width20height20.png
anh.24h.com.vn/upload/4-2018/images/2018-11-05/
Redirect Chain

https://image-us.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-globe-962-1541383138-743-width20height20.png
https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-globe-962-1541383138-743-width20height20.png

1 KB
2 KB

258ms
81ms

Image
image/png

85.217.188.5
NETIX-MGMT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-globe-962-1541383138-743-width20height20.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS: c98f0e6.helph.info
Software: nginx /
Resource Hash: b67da6c329bc4b715771898ef7979260fae5db6402303bd8eb29d0e7e54dd13e

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
last-modified: Mon, 05 Nov 2018 01:59:02 GMT
server: nginx
age: 805
etag: "5bdfa3e6-5b5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1461
expires: Wed, 01 Sep 2021 08:14:27 GMT

Redirect headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
X-Content-Type-Options: nosniff
Server: 24h.com.vn
Location: https://anh.24h.com.vn/upload/4-2018/images/2018-11-05/icons8-globe-962-1541383138-743-width20height20.png
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 191
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

thethao-1579244755-985-width20height22.png
anh.24h.com.vn/upload/1-2020/images/2020-01-17/
Redirect Chain

https://image-us.24h.com.vn/upload/1-2020/images/2020-01-17/thethao-1579244755-985-width20height22.png
https://anh.24h.com.vn/upload/1-2020/images/2020-01-17/thethao-1579244755-985-width20height22.png

1 KB
2 KB

79ms
78ms

Image
image/png

85.217.188.5
NETIX-MGMT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anh.24h.com.vn/upload/1-2020/images/2020-01-17/thethao-1579244755-985-width20height22.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS: c98f0e6.helph.info
Software: nginx /
Resource Hash: 8c8a9a2aa686ef2a0ff0a0aea5ebdd368de93a2eab634b9725c67ed1ebab139f

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:55 GMT
last-modified: Fri, 17 Jan 2020 07:05:55 GMT
server: nginx
age: 808
etag: "5e215cd3-569"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h2="45.117.160.134:443"; ma=900
content-length: 1385
expires: Wed, 01 Sep 2021 08:14:27 GMT

Redirect headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
X-Content-Type-Options: nosniff
Server: 24h.com.vn
Location: https://anh.24h.com.vn/upload/1-2020/images/2020-01-17/thethao-1579244755-985-width20height22.png
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 191
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK nha_icon-1629109485-345-width23height23.png
image-us.24h.com.vn/upload/3-2021/images/2021-08-16/ 407 B
747 B 381ms
173ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-16/nha_icon-1629109485-345-width23height23.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 0041fcb49da432124970173cfde018bad4a73faedba9cbc21df0afd972606356

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Mon, 16 Aug 2021 10:24:45 GMT
Server: 24h.com.vn
ETag: "611a3ced-197"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 407
Expires: Thu, 30 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK logo-covid-3---9slide-1628473896-250-width31height22.png
image-us.24h.com.vn/upload/3-2021/images/2021-08-09/ 1 KB
2 KB 516ms
173ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-09/logo-covid-3---9slide-1628473896-250-width31height22.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 3edac33045fe1c4b6c03f53f611163aab2cec88da4a3d06ade899cff2159acf1

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Mon, 09 Aug 2021 01:51:36 GMT
Server: 24h.com.vn
ETag: "61108a28-4dc"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1244
Expires: Thu, 30 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK xem-lich-1613962271-733-width25height25.png
image-us.24h.com.vn/upload/1-2021/images/2021-02-22/ 15 KB
16 KB 668ms
323ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/1-2021/images/2021-02-22/xem-lich-1613962271-733-width25height25.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 0acb3da9feb2ed6b5b5e0a83ae35a3926abd791ea8ce38daa0f203919cb63612

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Mon, 22 Feb 2021 02:51:11 GMT
Server: 24h.com.vn
ETag: "60331c1f-3dc6"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15814
Expires: Thu, 30 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK eva-1613962194-387-width16height20.png
image-us.24h.com.vn/upload/1-2021/images/2021-02-22/ 1 KB
2 KB 520ms
175ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/1-2021/images/2021-02-22/eva-1613962194-387-width16height20.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 60ce6370065a632fc70c5e3ae6b9445ddcb67b5f53d8deda6ff652fd06c71c96

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Mon, 22 Feb 2021 02:49:54 GMT
Server: 24h.com.vn
ETag: "60331bd2-54b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1355
Expires: Thu, 30 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK 24h_logo_trang_chu_2015.png
static-us.24h.com.vn/images/2014/ 3 KB
3 KB 176ms
174ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/24h_logo_trang_chu_2015.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 045a9c71ac8cedba3153b0769c8d79f3790a0d641769920211b77190f2b65277

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Wed, 05 Dec 2018 09:08:30 GMT
Server: 24h.com.vn
ETag: "5c07958e-c79"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3193
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK logo_vietlot_pc.png
static-us.24h.com.vn/images/2014/ttcb/ 2 KB
3 KB 713ms
174ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/ttcb/logo_vietlot_pc.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 9b96a5cfdd95b9a9c057b8b25f559fc040ce2f990b994b49f77f89bd8318fbed

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Mon, 01 Apr 2019 03:30:04 GMT
Server: 24h.com.vn
ETag: "5ca185bc-8ed"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2285
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK banner-0505.png
static-us.24h.com.vn/images/2014/ 1 KB
1 KB 717ms
177ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/banner-0505.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 8cd6789dc35b6a3e06ec045e51dd94f9451fe7f44f3955926cca65f2d62358c5

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Wed, 06 May 2020 09:10:03 GMT
Server: 24h.com.vn
ETag: "5eb27eeb-431"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1073
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK dmca_protected_sml_120m.png
static-us.24h.com.vn/js/js_outsite/ 1 KB
2 KB 737ms
183ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/js/js_outsite/dmca_protected_sml_120m.png?ID=beadc7dd-b150-496e-948e-fdb97a8bf1f0
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 7aa3edd457d03ef9369a8500e6ce97a95e33f66e4de8ba161763cf75a5adf01d

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Wed, 05 Dec 2018 09:28:55 GMT
Server: 24h.com.vn
ETag: "5c079a57-5b3"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1459
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H2 200 swiper.min.js Show response
www.24h.com.vn/js/ 43 KB
14 KB 230ms
229ms Script
application/x-javascript 103.151.240.80
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.24h.com.vn/js/swiper.min.js?v=91527082021
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.80 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: 24h.com.vn /
Resource Hash: 4670fa0970687a6af5907fce5830bf72ab3bc3b472e1900db33696d9416b78fa

Request headers

:path: /js/swiper.min.js?v=91527082021
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.24h.com.vn
referer: https://www.24h.com.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 02:48:34 GMT
server: 24h.com.vn
etag: W/"5fc9a382-ad83"
content-type: application/x-javascript
lbsrv: 3
cache-control: max-age=86400
expires: Wed, 01 Sep 2021 08:27:52 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 346 KB
119 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js?v=103231082021

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cd323190d64933d26fde865c63aff98528381cb6187df13adcaf19a19847603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121736
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:52 GMT

GET
H/1.1 200
OK videojs-ie8.min.js Show response
static-us.24h.com.vn/js/ 27 KB
10 KB 178ms
177ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-us.24h.com.vn/js/videojs-ie8.min.js?v=103231082021
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: a406e8da06f4cb11d23b86b3008959537ae6c1635aba5de32799b88f747bd56c

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Dec 2018 09:28:51 GMT
Server: 24h.com.vn
ETag: W/"5c079a53-6a8e"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 07 Sep 2021 08:27:53 GMT

GET
H/1.1 200
OK 24hplayer-drm.min.js Show response
static-us.24h.com.vn/js/ 1 MB
404 KB 325ms
324ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: b3a68c679e3ba150c911505427369ff451f8ab758e308c46d958e96d5e10e203

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Aug 2021 03:56:56 GMT
Server: 24h.com.vn
ETag: W/"610a1008-12b2dd"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 07 Sep 2021 08:27:53 GMT

GET
H/1.1 200
OK jquery.min.js Show response
static-us.24h.com.vn/js/ 95 KB
37 KB 349ms
349ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-us.24h.com.vn/js/jquery.min.js?v=103231082021
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 619e2a31add3dd54577e508f26e1df919bbba4dde01fc453fb4f16f18023e3f9

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Dec 2018 09:27:15 GMT
Server: 24h.com.vn
ETag: W/"5c0799f3-17d0d"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 07 Sep 2021 08:27:53 GMT

GET
H/1.1 200
OK common_092018_pc.min.js Show response
static-us.24h.com.vn/js/ 236 KB
66 KB 343ms
343ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-us.24h.com.vn/js/common_092018_pc.min.js?v=103231082021
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: e8f485d7a4f29552621b4af6cdeff988a88877afa2973fa4ec2dafd476ba2a21

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 07:59:46 GMT
Server: 24h.com.vn
ETag: W/"61289b72-3b13c"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 07 Sep 2021 08:27:53 GMT

GET
H/1.1 200
OK 24h-092018-load-sau-pc.min.js Show response
static-us.24h.com.vn/js/ 136 KB
35 KB 334ms
334ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-us.24h.com.vn/js/24h-092018-load-sau-pc.min.js?v=103231082021
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: d2e880c3767b0b93dfb83b4ea13a58d9e7f6b668297dc7b1a9fab72ebf0122cc

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 07:59:46 GMT
Server: 24h.com.vn
ETag: W/"61289b72-21f37"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 07 Sep 2021 08:27:53 GMT

GET
H/1.1 200
OK balloon.min.js Show response
static-us.24h.com.vn/upload/24h_js_library/ 15 KB
3 KB 185ms
184ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-us.24h.com.vn/upload/24h_js_library/balloon.min.js
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 76040defede86743c048e3eee87635a3e9aac6e8e7052e681656eb84c2099d70

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Apr 2021 10:04:39 GMT
Server: 24h.com.vn
ETag: W/"607ea737-3b57"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Thu, 30 Sep 2021 08:27:53 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 127 KB
34 KB 195ms
70ms Script
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 03:22:23 GMT
content-encoding: gzip
age: 18329
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 0MRGSGN3QG53QJFYMTY9
etag: 708a268139e52bdfbe59398b3e766151
vary: Accept-Encoding
x-amz-version-id: bUOtLa_JuiaVr315AmNwDAtieSptDO4R
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: x6urzK3jLyBp0qKAa2DBxVTbqNkiyVOokFEJ68D_maPviT_Sa8131A==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 169ms
56ms Script
application/javascript 13.224.93.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-91.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 30 Aug 2021 13:22:44 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 68709
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: SrPDe9R3OiFO4eto0KGLw2kvHRB6XJue8qDylFOH8a-RCJe4rGG4kA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5752
date: Tue, 31 Aug 2021 06:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 31 Aug 2021 08:52:00 GMT

GET
H/1.1 200
OK bg.jpg
static-us.24h.com.vn/images/2014/ 1 KB
1 KB 344ms
173ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/bg.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: b8c129096303268581cdb337ab283de2545bc93d0c225543a2463dcf516edd7e

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Wed, 05 Dec 2018 09:08:18 GMT
Server: 24h.com.vn
ETag: "5c079582-470"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1136
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK Hot-092018.png
static-us.24h.com.vn/images/ 1 KB
2 KB 516ms
173ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/Hot-092018.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: ddfb7a6ca0091eceddeaf357dab046f0748d748f599a9c32f1eb77cea863eb32

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Tue, 20 Nov 2018 07:50:04 GMT
Server: 24h.com.vn
ETag: "5bf3bcac-5b5"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1461
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK sprites092018.png
static-us.24h.com.vn/images/ 47 KB
47 KB 526ms
181ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/sprites092018.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: ddd3d5f7258994cedb5cb0f8570554722a0614f3ffc4adc4875b18a9d14c5762

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Wed, 05 Dec 2018 09:06:09 GMT
Server: 24h.com.vn
ETag: "5c079501-bbd5"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48085
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34c7fc7b2339c77b969ee3e0b5740e7498f23ad9e7dddf25a88dc6398a5dc92b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK menu-top-xem-danh-muc.gif
static-us.24h.com.vn/images/2014/ 79 B
416 B 517ms
177ms Image
image/gif 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/menu-top-xem-danh-muc.gif
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: d5fe6350b11661d6e0137a09a918c61d25ff5551ffba752c19d8911f7a5884f4

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Mon, 17 Oct 2016 08:43:08 GMT
Server: 24h.com.vn
ETag: "58048f1c-4f"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK sprites-responsive.png
static-us.24h.com.vn/images/2014/ 4 KB
4 KB 515ms
175ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/sprites-responsive.png?1
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 444b7093c4659b81a6d74b548adf693505a2e7930e2e31106092cfd7e76f5488

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Tue, 30 Jan 2018 09:00:06 GMT
Server: 24h.com.vn
ETag: "5a703416-fc6"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4038
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK tab.png
static-us.24h.com.vn/images/2014/ 2 KB
2 KB 505ms
175ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/tab.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 4533da4b200a6331236bdd8faba8c9ec8505e5cb8b6a94991f7e04a92a819f82

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Thu, 25 Jan 2018 08:00:06 GMT
Server: 24h.com.vn
ETag: "5a698e86-62e"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1582
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H2 200 pubads_impl_2021082701.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 196ms
67ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:07:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119397
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 590 B
883 B 184ms
65ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.24h.com.vn

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

deda973a736525540477b3eb1167d1b424134c2d2be369a538b10c6c3b82155c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:52 GMT

GET
H/1.1 200
OK 1630386889-275-thumbnail-width532height301.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-31/ 32 KB
32 KB 325ms
323ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-31/1630386889-275-thumbnail-width532height301.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: d422c24b9e7539d4f56c89f2453407179a3c559893bc44ebd29c654bb589578e

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 05:44:01 GMT
Server: 24h.com.vn
ETag: "612dc1a1-8088"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32904
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK small-iconvideo.png
static-us.24h.com.vn/images/2014/ 3 KB
3 KB 174ms
173ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/small-iconvideo.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: e7848095f245d90e00733a33f7ed3ecf6a43fc7dd4fe9fbc7c4caccff8b710a7

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:53 GMT
Last-Modified: Wed, 05 Dec 2018 09:08:31 GMT
Server: 24h.com.vn
ETag: "5c07958f-a53"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2643
Expires: Tue, 07 Sep 2021 08:27:53 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK icon_hoi_dap_dau_text.png
static-us.24h.com.vn/images/ 18 KB
18 KB 340ms
340ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/icon_hoi_dap_dau_text.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 57c9e991dd4be9412a0271944e8603ddf5af25ef262652181d2c2c0129da60ab

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:53 GMT
Last-Modified: Fri, 22 May 2020 01:40:03 GMT
Server: 24h.com.vn
ETag: "5ec72d73-468d"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18061
Expires: Tue, 07 Sep 2021 08:27:53 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 279ms
113ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17516&site_id=172696&zone_id=841804&size_id=10&rf=https%3A%2F%2Fwww.24h.com.vn%2F&tk_flint=pbjs_lite_v4.12.0&x_source.tid=b224a2b5-caea-431f-9671-7bea8ba883f1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6678842643216187
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 572c0c661d5dbe015119d55875babdc8548fe51c8d56414412266d8532674a8e

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:52 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.24h.com.vn
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 274ms
108ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17516&site_id=172696&zone_id=841810&size_id=10&rf=https%3A%2F%2Fwww.24h.com.vn%2F&tk_flint=pbjs_lite_v4.12.0&x_source.tid=5b3dd0f1-d35b-4f4d-a8d6-05334936a9aa&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.09810755540519778
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b2184da13e51b77d33ef2fca92a0bf375e728cead838a546ad8d873c3acd7ea4

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:52 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.24h.com.vn
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 272ms
102ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17516&site_id=172696&zone_id=841812&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.24h.com.vn%2F&tk_flint=pbjs_lite_v4.12.0&x_source.tid=7c57f53a-f7c2-4dbb-bfc5-36dbbb9b2463&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9425616574808675
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 39851aa09105af84ffceec77932708e326e2d21c834ac9eb78c0d7b24de2db3e

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:52 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.24h.com.vn
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
2 KB 281ms
113ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17516&site_id=172696&zone_id=841800&size_id=9&rf=https%3A%2F%2Fwww.24h.com.vn%2F&tk_flint=pbjs_lite_v4.12.0&x_source.tid=bc957279-325f-458f-9eac-fa4bc44b8636&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4896617629786284
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e0aeefcb91f4302844150bf9d5645c6bed7fc7aa7a5e39f52c8e80b53e90edb4

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:52 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.24h.com.vn
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
2 KB 271ms
103ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17516&site_id=172696&zone_id=841802&size_id=9&rf=https%3A%2F%2Fwww.24h.com.vn%2F&tk_flint=pbjs_lite_v4.12.0&x_source.tid=e726a827-f21a-4883-9fa9-537eec359d64&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.954700764484665
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 56d57898e63e91f26ae4f5e548ce001d42770c6c9901e23e8dc9260f27ca2dac

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:52 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.24h.com.vn
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
373 B 229ms
128ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=359606&v=7.2&r=%7B%22id%22%3A%227e7f133afa08cc%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22889cb33afb6045%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359606%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22903179ada5b5bc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360426%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210a54c365f21b48%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360427%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211e92b6e9ee1223%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360428%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22126a92ea4deb29%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360429%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210a54c365f21b48%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360427%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.24h.com.vn%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5ebaa0f9194002e7c8527f312cbd8b5e6c846ec54e4923da4dcb5bc635a42c7d

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[SE], RC:[AB], CN:[EU], CIP:[185.236.42.205], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.24h.com.vn
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 10
expires: Tue, 31 Aug 2021 08:27:52 GMT

GET
H/1.1 200
OK icon_topck.png
static-us.24h.com.vn/images/ 347 B
686 B 558ms
173ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/icon_topck.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 33c60cc93fb570ad02bf48fbab6e1e4552feb8d0d5347e1b43c6bc1101246d83

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Tue, 26 May 2020 04:00:03 GMT
Server: 24h.com.vn
ETag: "5ecc9443-15b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 347
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK btn_up2019.png
static-us.24h.com.vn/images/2014/ttcb/ 1 KB
1 KB 566ms
175ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/ttcb/btn_up2019.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: bcb1381647068fd69298ea0b90bcb16b381e833c1a7ebb219c45c29ec094fc01

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Wed, 20 Mar 2019 02:30:04 GMT
Server: 24h.com.vn
ETag: "5c91a5ac-43a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1082
Expires: Tue, 07 Sep 2021 08:27:52 GMT

GET
H/1.1 200
OK btn_down2019.png
static-us.24h.com.vn/images/2014/ttcb/ 1 KB
1 KB 422ms
183ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-us.24h.com.vn/images/2014/ttcb/btn_down2019.png
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 652e9bb1be6ed1bc89cbaa2b34d5b65daa8f6bc2d04f369a9ed32a95792fabd3

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:52 GMT
Last-Modified: Wed, 20 Mar 2019 02:30:04 GMT
Server: 24h.com.vn
ETag: "5c91a5ac-423"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1059
Expires: Tue, 07 Sep 2021 08:27:52 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 523ms
64ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=112&profileId=185&av=32&wv=4.12.0&cb=7353104383
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.24h.com.vn
date: Tue, 31 Aug 2021 08:27:52 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 1236ms
108ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.24h.com.vn
date: Tue, 31 Aug 2021 08:27:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg3431.smartadserver.com/prebid/ 0
322 B 217ms
61ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg3431.smartadserver.com/prebid/v1
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg3431.smartadserver.com/prebid/ 0
322 B 216ms
61ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg3431.smartadserver.com/prebid/v1
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg3431.smartadserver.com/prebid/ 0
322 B 217ms
62ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg3431.smartadserver.com/prebid/v1
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg3431.smartadserver.com/prebid/ 0
322 B 216ms
61ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg3431.smartadserver.com/prebid/v1
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:51 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg3431.smartadserver.com/prebid/ 0
322 B 264ms
110ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg3431.smartadserver.com/prebid/v1
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
155 B 14ms
13ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-24EL5B93N8&gtm=2oe8p0&_p=1003469083&sr=1600x1200&_gaz=1&ul=en-us&cid=1065341481.1630398472&_s=1&dl=https%3A%2F%2Fwww.24h.com.vn%2F&dt=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%20%C4%90%E1%BB%8Dc%20tin%20t%E1%BB%A9c%2024h%20m%E1%BB%9Bi%20nh%E1%BA%A5t&sid=1630398472&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24EL5B93N8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
65 B 15ms
14ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-24EL5B93N8&cid=1065341481.1630398472&gtm=2oe8p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24EL5B93N8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-24EL5B93N8&cid=1065341481.1630398472&gtm=2oe8p0&aip=1&z=616733760

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
553 B 36ms
14ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.24h.com.vn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H/1.1 204
No Content 24h-analytics.php
thongke.24h.com.vn/24h-analytics/ 0
320 B 1296ms
245ms Image
image/gif 125.212.247.127
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thongke.24h.com.vn/24h-analytics/24h-analytics.php?rand=0.3394124996737664&url_tracker=https%3A//www.24h.com.vn/%3Fserver%3D%26region%3DUS%26device%3Dweb
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 125.212.247.127 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: 24h.com.vn / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:53 GMT
Last-Modified: Tue, 31 Aug 2021 08:27:53 GMT
Server: 24h.com.vn
X-Powered-By: PHP/5.5.38
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: pre-check=0, post-check=0, max-age=0
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK 1630390450-430-thumbnail-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-31/120x90/ 8 KB
8 KB 176ms
175ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-31/120x90/1630390450-430-thumbnail-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 0f3d167834148c19be718ee0d51f0e92d21b8ab028a14621377734602bffa5d0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 06:16:01 GMT
Server: 24h.com.vn
ETag: "612dc921-209e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8350
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 6-640-1630376963-88-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-31/120x90/ 9 KB
9 KB 175ms
175ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-31/120x90/6-640-1630376963-88-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: c03c35c0522d80ce801580a7ed8677879be8fa7204cba094a503f1701f5253fc

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 02:30:01 GMT
Server: 24h.com.vn
ETag: "612d9429-23ee"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9198
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1630382576-254-thumbnail-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-31/120x90/ 5 KB
6 KB 179ms
178ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-31/120x90/1630382576-254-thumbnail-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: bb0ed0ceb8eb9c198a734638387c3bccc64bcccbab515e35e703c3ed24aa6369

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 04:04:01 GMT
Server: 24h.com.vn
ETag: "612daa31-15d7"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5591
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK untitled-2-1630292888-293-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-30/120x90/ 7 KB
7 KB 176ms
175ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-30/120x90/untitled-2-1630292888-293-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: e4992fce0934058f60b2765e3818794f82db0d7b44c6fc04868b0c10a76e7e80

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 05:28:01 GMT
Server: 24h.com.vn
ETag: "612dbde1-1b8f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7055
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1630379972-389-thumbnail-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-31/120x90/ 7 KB
7 KB 186ms
186ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-31/120x90/1630379972-389-thumbnail-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: ccb52e2283ca376d6f808c82a4d71954909cb6e36b7459e6491d5a40953ae5a5

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 04:17:01 GMT
Server: 24h.com.vn
ETag: "612dad3d-1b2b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6955
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1629891676-215-thumbnail-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-25/120x90/ 7 KB
7 KB 177ms
176ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-25/120x90/1629891676-215-thumbnail-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: ff3d1a90882751a47c90967bdbc7a086e7e3e295c4d7caa8bfe53c0e16f2d0f2

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 02:04:01 GMT
Server: 24h.com.vn
ETag: "612d8e11-1aef"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6895
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK adt1630381275-fb197c399766834d7285adcfa2e4a4df.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-31//120x90/ 8 KB
8 KB 180ms
179ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-31//120x90/adt1630381275-fb197c399766834d7285adcfa2e4a4df.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 1a8a8366743aedf72a70cb7fc900bda1ef792d448b1cbbd1f36cf6c45aaa1dfa

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 03:55:01 GMT
Server: 24h.com.vn
ETag: "612da815-1ff0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8176
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1630311384-khanhthi_phanhien.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-30/ 23 KB
23 KB 321ms
321ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-30/1630311384-khanhthi_phanhien.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: be7e262ca938c2d20d85be20cd178f5ac039546d5134dcf2c4b256623fd72c2a

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Mon, 30 Aug 2021 08:23:01 GMT
Server: 24h.com.vn
ETag: "612c9565-5a28"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23080
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1630383347-lamnong.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-31/ 18 KB
19 KB 324ms
323ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-31/1630383347-lamnong.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: a552529e3596bdac17af933ccbbb65a44a87b8e6644a51af43f00c8d70251da3

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 04:26:01 GMT
Server: 24h.com.vn
ETag: "612daf59-495b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18779
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1630373816-dtvn.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-31/ 30 KB
31 KB 344ms
344ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-31/1630373816-dtvn.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 7cc25d33b590c2c5501eecfc82f9a7084f5d2a4f6addecd75f3b663f5bb188f8

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Tue, 31 Aug 2021 01:43:01 GMT
Server: 24h.com.vn
ETag: "612d8925-7955"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31061
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1630231249-mangut.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-29/ 59 KB
60 KB 319ms
319ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-29/1630231249-mangut.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 153d12fce38abac81f770159e305a57f543693bbd70e5a53512bddb37404cee9

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Sun, 29 Aug 2021 21:59:01 GMT
Server: 24h.com.vn
ETag: "612c0325-edc1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60865
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK anh-dai-dien-1630297503-662-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-30/thumbnail/ 5 KB
6 KB 179ms
178ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-30/thumbnail/anh-dai-dien-1630297503-662-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 06fca24bed8d7aa6e909b084c4a51d8e89f6460ef7468c949f9ff32838be8cf2

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Mon, 30 Aug 2021 23:47:01 GMT
Server: 24h.com.vn
ETag: "612d6df5-1563"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5475
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1630314728-965-thumbnail-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-30/medium/ 9 KB
9 KB 180ms
179ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-30/medium/1630314728-965-thumbnail-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: e41665a2b962dc350bbcfb7b52e4090115ecc8c0cc50f876368631069b9b180b

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Mon, 30 Aug 2021 09:17:01 GMT
Server: 24h.com.vn
ETag: "612ca20d-229b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8859
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK 1630057377-781-thumbnail-width640height480.jpg
image-us.24h.com.vn/upload/3-2021/images/2021-08-27/medium/ 10 KB
11 KB 181ms
180ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.24h.com.vn/upload/3-2021/images/2021-08-27/medium/1630057377-781-thumbnail-width640height480.jpg
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 9ae6152a9619f25bc793c62185d1b49df2b21a1bee6b94e8d10c3ed5c74fc686

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:55 GMT
Last-Modified: Fri, 27 Aug 2021 09:43:01 GMT
Server: 24h.com.vn
ETag: "6128b3a5-295e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10590
Expires: Thu, 30 Sep 2021 08:27:55 GMT

GET
H/1.1 200
OK get_class_by_cliend_id Show response
search.24hstatic.com/v1/recommend/ 226 B
603 B 1150ms
250ms XHR
application/json 125.212.247.143
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://search.24hstatic.com/v1/recommend/get_class_by_cliend_id?c_client_id=1065341481.1630398472&c_website=24h&b1
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.247.143 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Hello World /
Resource Hash: ebe4716a6e7352f7655ae9e5fc8db8bff637886ee3f1e208de7c493c2bb0344b

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:53 GMT
Content-Encoding: gzip
Server: Hello World
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 16 KB
6 KB 43ms
12ms Script
application/javascript 2600:9000:2190:2800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:2800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:43 GMT
content-encoding: gzip
etag: W/"51870ee6d5cb32ca5311356b296af21f"
last-modified: Tue, 09 Mar 2021 20:17:06 GMT
server: AmazonS3
age: 875
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: q_CJZp3sJL5rU6Ybya6rZrsLm4BrTLTOTZeg22Wo76p1lDLavgyHmw==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B318 11 KB
5 KB 323ms
24ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.24h.com.vn

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.24h.com.vn
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1832
set-cookie: uid=6dc9660c-5a69-4b8e-b74c-03d89f1309b0; expires=Sun, 25 Sep 2022 08:27:51 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Tue, 31 Aug 2021 08:27:52 GMT
content-length: 4666

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9634358&ns__t=1630398472535&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=9634358&ns__t=1630398472535&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%...

64 B
330 B

65ms
64ms

Image
image/gif

13.224.93.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9634358&ns__t=1630398472535&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%20%C4%90%E1%BB%8Dc%20tin%20t%E1%BB%A9c%2024h%20m%E1%BB%9Bi%20nh%E1%BA%A5t&c7=https%3A%2F%2Fwww.24h.com.vn%2F&c9=
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-91.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: OBwZ2Na6F6hj8zbkaVnbz0lTJXOTU3iH6nL9jvPeY-a7vmlmbRASXw==

Redirect headers

date: Tue, 31 Aug 2021 08:27:52 GMT
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=9634358&ns__t=1630398472535&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%20%C4%90%E1%BB%8Dc%20tin%20t%E1%BB%A9c%2024h%20m%E1%BB%9Bi%20nh%E1%BA%A5t&c7=https%3A%2F%2Fwww.24h.com.vn%2F&c9=
content-length: 331
x-amz-cf-id: 3IFHkFMIWp0rVfQ69tNQHOj88gSJrslQj2oYXhu4T7PXFQDA1qdVJg==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
482 B 35ms
14ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.24h.com.vn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 68ms
68ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.24h.com.vn%2F&pubid=f6d4f034-e95c-4b38-a823-9ad23ced8869
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 07:09:45 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
server: Server
age: 4686
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.24h.com.vn
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: DGlc-MG7bq3Mr8v-hgbLDQSZ_k4GZRlQldSCbgSrjcQIguuVnzCYBg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 185ms
62ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 96XhsjGsBxsrm3kyucJOVw9g9hT2d.yB
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 20645
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 21 Aug 2021 01:59:01 GMT
server: AmazonS3
date: Tue, 31 Aug 2021 02:50:28 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: jIaWK1rUhAHNUzMBjU4lqZwt7m-oOj-71agRiynVIPpSdxdR0V_qxQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 101ms
100ms XHR
text/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.24h.com.vn%2F&pid=MMS1wn6H3snhc&cb=0&ws=1600x1200&v=7.68.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F124557882%2F24h%2Fus%2Fdesktop%2Fhome%2Fhalf1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F124557882%2F24h%2Fus%2Fdesktop%2Fhome%2Fhalf3%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F124557882%2F24h%2Fus%2Fdesktop%2Fhome%2Fhotrectangle1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F124557882%2F24h%2Fus%2Fdesktop%2Fhome%2Fskyleft%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F124557882%2F24h%2Fus%2Fdesktop%2Fhome%2Fskyright%22%7D%5D&cfgv=0&pubid=f6d4f034-e95c-4b38-a823-9ad23ced8869&gdprl=%7B%22status%22%3A%22cmp-error%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:52 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.24h.com.vn
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: LAevBsqloyqHnaMeqLfVOsiHoR8hZ9BJTWz_ozBBlx0ckDwiyZuTlw==

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 29ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-2286909-2&cid=1065341481.1630398472&jid=1249349660&gjid=203058972&_gid=1177277225.1630398473&_u=YCDAiEABBAQCAE~&z=1360300334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 Aug 2021 08:27:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1003469083&t=pageview&_s=1&dl=https%3A%2F%2Fwww.24h.com.vn%2F&ul=en-us&de=UTF-8&dt=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%20%C4%90%E1%BB%8Dc%20tin%20t%E1%BB%A9c%2024h%20m%E1%BB%9Bi%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAQC~&jid=1249349660&gjid=203058972&cid=1065341481.1630398472&tid=UA-2286909-2&_gid=1177277225.1630398473&cg1=Home&cg2=None&cg3=desktop&cg4=home&cg5=null&cd1=Home&cd2=None&cd3=desktop&cd4=home&z=1489652221

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 07:09:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4721
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2286909-2&cid=1065341481.1630398472&jid=1249349660&_u=YCDAiEABBAQCAE~&z=738588642

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 26ms
24ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2286909-2&cid=1065341481.1630398472&jid=1249349660&_u=YCDAiEABBAQCAE~&z=738588642

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3679d93f32c8a4019b71cd695be75acfcb43ef2ec7c728e45477a379909be8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 07:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6044
x-xss-protection: 0
server: cafe
etag: 3925241684353305145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 08:28:00 GMT

GET
H2 200 ip.php Show response
www.24h.com.vn/ 69 B
303 B 227ms
227ms XHR
application/json 103.151.240.80
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.24h.com.vn/ip.php
Requested by: Host: static-us.24h.com.vn
URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.80 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: 24h.com.vn /
Resource Hash: 03bef2b68f432b1ac2abffe1a4ce55d98a9ef106e707c4e3a2c1f7473b228de8

Request headers

:path: /ip.php
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.24h.com.vn
referer: https://www.24h.com.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:55 GMT
server: 24h.com.vn
vary: User-Agent
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
lbsrv: 3
cache-control: public
access-control-allow-headers: X-Requested-With
content-length: 69
expires: Tue, 31 Aug 2021 08:30:55 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 63ms
63ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.24h.com.vn
date: Tue, 31 Aug 2021 08:27:54 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame B318
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=24h.com.vn&sn=ChromeSyncframe&so=0&topUrl=www.24h.com.vn&cw=1
https://mug.criteo.com/sid?cpp=Cd0jJHxKU2xkT0xGMEdxVEdiSmhVUlo0UzlobkxKc3FDSjhySFNsMnRGakNhR1hScEx4S2wwTGk2N3d3WDdac2RndlJNUVdLUXdDa2k5SXZUZmRqSU9WcmVsZGx2aWkwbCtLSVo3SU81T3JQaHFXaXNSc083WFhRZmJnMT...

321 B
591 B

199ms
71ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Cd0jJHxKU2xkT0xGMEdxVEdiSmhVUlo0UzlobkxKc3FDSjhySFNsMnRGakNhR1hScEx4S2wwTGk2N3d3WDdac2RndlJNUVdLUXdDa2k5SXZUZmRqSU9WcmVsZGx2aWkwbCtLSVo3SU81T3JQaHFXaXNSc083WFhRZmJnMTR0ODRCRkxYbitxK3dzOHpwVHJvSjZZS1Y4bGhqVzRVZ2JiQU1oaWY3QjhGWUFlT2FWdVBob1luRy9DOGVUWE1QblNHTVhrSDByREJIb3ROajhjdHVZaXFaZXhCeUxrOGxBU1BSdmN0Y0RQaFplTkgwR1I0PXw&cppv=2

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ee072a06ad0ab79b8ab10f8238f273815b46d2653ae95e456f92489ec34e261d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 31 Aug 2021 08:27:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2644
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 31 Aug 2021 08:27:54 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Cd0jJHxKU2xkT0xGMEdxVEdiSmhVUlo0UzlobkxKc3FDSjhySFNsMnRGakNhR1hScEx4S2wwTGk2N3d3WDdac2RndlJNUVdLUXdDa2k5SXZUZmRqSU9WcmVsZGx2aWkwbCtLSVo3SU81T3JQaHFXaXNSc083WFhRZmJnMTR0ODRCRkxYbitxK3dzOHpwVHJvSjZZS1Y4bGhqVzRVZ2JiQU1oaWY3QjhGWUFlT2FWdVBob1luRy9DOGVUWE1QblNHTVhrSDByREJIb3ROajhjdHVZaXFaZXhCeUxrOGxBU1BSdmN0Y0RQaFplTkgwR1I0PXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1853
content-length: 482
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.24h.com.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.24h.com.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 283 KB
50 KB 664ms
664ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1692679738305722&correlator=1973155566126345&output=ldjh&impl=fifs&hxva=1&scor=3751308205690580&eid=31062434%2C44748388%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=124557882%2C24h%2Cus%2Cdesktop%2Chome%2Cskyleft%2Chalf1%2Chalf3%2Ccenter%2Chotrectangle1%2Cskyright&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8%2C%2F0%2F1%2F2%2F3%2F4%2F9%2C%2F0%2F1%2F2%2F3%2F4%2F10&prev_iu_szs=298x900%7C160x600%2C300x600%7C300x250%2C300x600%2C696x120%7C696x86%2C300x250%7C336x280%2C298x901%7C160x600&prev_scp=id_div%3Ddiv-gpt-ad-1490323067809-11%26amznbid%3D2%26amznp%3D2%7Cid_div%3Ddiv-gpt-ad-1490323067809-4%26amznbid%3D2%26amznp%3D2%7Cid_div%3Ddiv-gpt-ad-1490323067809-6%26amznbid%3D2%26amznp%3D2%7Cid_div%3Ddiv-gpt-ad-1490323067809-1%7Cid_div%3Ddiv-gpt-ad-1490323067809-7%26amznbid%3D2%26amznp%3D2%7Cid_div%3Ddiv-gpt-ad-1490323067809-12%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630398475&dt=1630398475195&dlt=1630398470944&idt=1728&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2677203017%2C122703086%2C1314645313%2C3360909014%2C3771264079%2C3857202617&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.24h.com.vn%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1065341481.1630398472&ga_sid=1630398475&ga_hid=1003469083&ga_fc=false&fws=2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

55d1393253ded8e10b66c67f0c62234f6bdbf5da8f15da685fa004d57c2f5717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50526
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.24h.com.vn
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9DDA 6 KB
3 KB 45ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 31 Aug 2021 08:27:55 GMT
expires: Wed, 31 Aug 2022 08:27:55 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 39ms
38ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=24h.com.vn&host=www.24h.com.vn&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1EF1 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 31 Aug 2021 08:27:55 GMT
expires: Wed, 31 Aug 2022 08:27:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322975956640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:56 GMT

GET
H3-29 200 container.html Show response
06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2436 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 31 Aug 2021 08:27:55 GMT
expires: Wed, 31 Aug 2022 08:27:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame 04FE 188 KB
55 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 472371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 21:15:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 04FE 13 KB
5 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 473280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 04FE 89 KB
28 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 473280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 04FE 4 KB
2 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 473280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 04FE 40 KB
13 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 473280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
DATA 200
OK truncated
/ Frame 04FE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 485fe71815a4c4825230c3d726a07fff2a848f872cec034d2477bbf2d008f7a8

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 10312934063260930168
tpc.googlesyndication.com/simgad/ Frame 04FE 88 KB
88 KB 12ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10312934063260930168?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnMRf5pir6YzgvKJjCAEWt-xp9pMg

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c65f868b7b236688247b9941b8a530222bffb10a67d357358c36a4e3005d085e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 15:19:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 07:07:46 GMT
server: sffe
age: 234525
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90319
x-xss-protection: 0
expires: Sun, 28 Aug 2022 15:19:11 GMT

GET
H2 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 04FE 3 KB
3 KB 10ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 06:38:19 GMT
x-content-type-options: nosniff
server: cafe
age: 6577
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
expires: Wed, 01 Sep 2021 06:38:19 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 04FE 344 B
618 B 9ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 02:55:33 GMT
x-content-type-options: nosniff
server: cafe
age: 19943
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 01 Sep 2021 02:55:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 04FE 0
0 17ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4Z6PBdPQbIIM32dvfYj-Xk2HbYF4QHSmmWMkUl9YwjnQOfhRzIpx3mSkDh2nIgOCkS3HGEjtQoonsFtrrPRpJ7wlMlw
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 04FE 0
0 91ms
87ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvlu5C-gtYZvEEp2V3gOp6aPQApKM4fBkqN2yyLMOitGj7b4BEAEg49GxJWDxrfyFpB-gAYj_osUDyAECqQIME0S95NOzPuACAKgDAcgDCKoEygFP0B0ztpd8Cgl01kzZCKTk9nvu_oCN8Y5FG6Q-WnQ-WGjuBIwWJHC6RaY1NWWSm6NkYnmIYJ1xrZa6AtgeZ_IYPMy2PhSJ9c-f3LE23pF0MKI--NCoU1Plyq3amPmLydfvXy68zdyVjkhouh68tUrPVyTGhFImnNPdCCR4HnghKF0saMlMBt9kfBVLHznwbCSGN9969TcFYbhkHV_kq_e1AAqbQypAkUtIL1_Y60B_wyT0g5uH5zp0AqPZ5u_HC9cmC3veUi3Q9r_CwATxosbpzAPgBAGgBgKAB-CA3TqoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEOL7CdIICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01NjE0Njk1NTQ5Nzc1Nzk3GOq2Hw&sigh=pobpU3ILdks
Requested by: Host: www.24h.com.vn
URL: https://www.24h.com.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86FA 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 31 Aug 2021 08:27:55 GMT
expires: Wed, 31 Aug 2022 08:27:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 30F5 6 KB
3 KB 14ms
11ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 31 Aug 2021 08:27:55 GMT
expires: Wed, 31 Aug 2022 08:27:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3a76e11164a86988168715d79d85fb20ee0bdcca58f6be00f6578438dfdb682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8548
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-2286909-2&cid=1065341481.1630398472&jid=797247306&gjid=1957777796&_gid=1177277225.1630398473&_u=YCDAiEABBAQCAE~&z=1856361322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 Aug 2021 08:27:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1003469083&t=timing&_s=2&dl=https%3A%2F%2Fwww.24h.com.vn%2F&ul=en-us&de=UTF-8&dt=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%20%C4%90%E1%BB%8Dc%20tin%20t%E1%BB%A9c%2024h%20m%E1%BB%9Bi%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7166&pdt=421&dns=0&rrt=770&srt=423&tcp=450&dit=3225&clt=3225&_gst=2992&_gbt=3175&_u=YCDAiEABBAQCAE~&jid=797247306&gjid=1957777796&cid=1065341481.1630398472&tid=UA-2286909-2&_gid=1177277225.1630398473&cg1=Home&cg2=None&cg3=desktop&cg4=home&cg5=null&z=1479205614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 10:32:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:56 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CB30 624 B
297 B 18ms
18ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNXKJCzcTgTBk65IQejKW9n6u77MWIOu2tlXqplxH3U9vOWtzH-zJWxqwiQawErf5e3RebP3a0NDnB11tLnVZTpOfWGgeTgXK_2s27zgc0lQiTn5YOtq7Yai3U_xkpj2G6G6YI1Gr3iocMxCjfbEVy4GkHaoYMpG-GIVSQF-KI9J5CwXUR4

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNXKJCzcTgTBk65IQejKW9n6u77MWIOu2tlXqplxH3U9vOWtzH-zJWxqwiQawErf5e3RebP3a0NDnB11tLnVZTpOfWGgeTgXK_2s27zgc0lQiTn5YOtq7Yai3U_xkpj2G6G6YI1Gr3iocMxCjfbEVy4GkHaoYMpG-GIVSQF-KI9J5CwXUR4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmriN7595XDwCx7HwNLPvkEzr-E1JOoB4bNlZMqqDtlVLqeLq6Ovs8MnRbI2n4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 31 Aug 2021 08:27:56 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1EF1 12 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwF702qLtjPMllAl4-g68S5wPnriVdl8MHZ7L66TByW28Lr4kZWTRp4YhTsATgr47qBIeCsiHCihkPp6hKeIJK9d8AI7Ka2YdFip9rcayPlIL-DCiletip1GjdNrEzMlAr-9URULs6aosbHT-VLj9O0TJvKA&dbm_d=AKAmf-ByggdxZMO70wpbp1z7pgJn4tPJVs4jE3ADlojACqb8o8xZrK59rmM1kLsGTDnm3fInMlx3FH5L8RV1EZ9qUz9U-xKn9JUYIBwanpncS0ckMkmCJUukbyrgPn4KRAgdAbcbpOmL_RiJcnEiA6J7sIf0qp-yAoVmK8rUqPKMwzgWcqHfvXR-N9qQaRQqFtMxGAip_Q5CJmbb2c22gWUqw-FZM6jlChfUu635QU24iMEul2eSkmDS2mGvzj2rfK0wuHMSnJe9T0d6INZiBU8lhx7ddPSAmkasKr9P8ox-gs-lVubpfv4SwjzTRPMzVRK4yHk9M2xRXkKY2FyuKA_uXZsexsR13AOp1YJFW1SiQ81M4dl7Nkd-LaI6aHSQ_M5WqFc-kXQ3-bLCA12u_C0iHKKfyRysCJusav0myFEC5NLbBvlOisI9xPOEpAapaQoSvk0g5-OcmmsqVAaLCRsUfOCqJ6tGrAiZryqW-vZrU56_TSmJneE2XuOFz36VOitjHFKYqw1ygYrJLYnYqKWhUuCvE7MKfXZ6JmLGDFkEHmix8b-XK4s0RP5hZ5usHN7DoA-yqwR64HUrqqpwx6cvAATUdk6YPMOMc6j8V3pw7wkuN8fOU8exp-Fmc14VMyZADWTv0t6JikvHybaFZax8bfLdeBybGLXDzG7wM5HKcmLLrtCQeLHpUrhBQO5eV-sKrZ3eNQeToq0UyZSjlrTCz0TIrkYdT5NnBaxhaU-OLy_FjJrHQTM45q1OtDx_9eEhzXqM3Egr9UQeFgECp4vvemCtMmpMg90ZxOCrkSs3-HmS1jLaEziFyBu1J_eitPU9s0KyFlCUsb3lcDq_PUoFaOGFiz7HXpoEopFZnXin5mn2SgEnajSUBp3XHeReTF8Z__-isZOPqSDQNEnLh4oKGB6BMvXSnOmt7Ge-hoHQukv1uhS8WjHMffeuFdUcNmnTZNcEGJauPyAVPGEfa_oHaFtnZZ15cFsjH8putNtJbl4cfPL0s7lf-GMZfTAg8ErX_eBQwEIsKgdsv_s2CwpV6HYFqqFDgsAkfM52LYk5HVPTM_F3QwtbWht_SjX7qVwZ8gDsM2pBkarnJCKccBuigXX594dqPZN3egBzyEq_V_N9RcgmsW50DIfLl8mPDlK-v5xcXcVRecogGCIioq5CcTGN2lhRJdRbvIjY8menSzhnmee3g2klOoetuy895yIVDa7pC-qXxKaK8Vz-PGTN-YPuuhc4j3uDyrgfwsAYf75rlR-Eobu43Zmeo51Rd8TLAnKSumpOeTsgUls8iIwXflxOjNRvxP1ouD5fgpx9UDgV6x4jtTnVFjJd57-ywW-tKMA1f-H-pPxzXCvOXa1qmyascPUnw1RB47KOy577Qv2cnhhJC5j7-whNy8k4NgFY3fhXHcwYljZpH-pqVGBrAQ5N-lea46gq5blgrMS9MoGuUE1Knmw7DGEuDbyrNHghr1sJDo5gy6oP2aV-o3xqpq_RxiM-ulfolcTDkxwT6k11NRpLdFsA3MVQEpoD0CmOOuPqdsVfIw8mxjnQr00hOSk6xPc-QLIlkgg2Gx3MmnQMKTwism05hc3UOnFRbB4F_n3I36WpzUu1E8C-LsZGuXm1ROh9-SuPPofQahEhR7JR_yOqiLWaVMraeCyebNNvMoYawkYBYGjS0OICu2a_eJZhd6gsPkWz13m7UtoNkST0-XLRjG2Zc2REOcK82564rN5frBLOuIWtZJBOfXugEuyEua_5cIUNAFVAScsuq-PWvGh-KKRzPvBjCnOoMQMNJgRRFW2ezuzB3pq5J5gI6-rXsSY8yOJntgF7WgpR6bdYLpJMwEuC2W0J4Cz2oJ2Ecton4XzThgiCYq5KqJPAVD2zik8km1SvoNEfBGv-7HRbViAkIs3rDDbxGu-6ITotmYUNQHOLrKyfzif6SN-HKFtdRcCfysSbsjCI_pmDnvLm8o5-WcWj8aQKyrTzY5MapuMIUgXf-vg1ANiRs5_XhZR-L6JPXklssy9-3wi0knmU2XliI7WrJAPTQOjryheh5Fz4mIvM-1IfsF5zwKlejLs6MYQRR5GePEfQazB0VK5mhartkszOTnaHEqDwN9BTd3Xn5R8vzmLtwHZ6hm_fPW_CKDIrohuUWqOZQ0dh5CWLej3ikFO_3o6ofTXzKvY9Hcsgf8F3EtIkG40fV38zvosy1Te1J7FElwQsgb8e_Xr6P8Y2QJSnNIESKfZ_ZNilyUGPGXU5QTW3Qp1fl6_dDFlEFrwaq0Q6g-itbqZ6xm68gYoF6S2YUB51wpMmCP7f_VrxszfwEB3KdAWmMQ63Aq9jZwmO-2BtzcZcX8as9tRw2FQbENslZSPbvfMFKUNy4fG2E5mxsutDIHTXcHnHC6WhFV0w4_SM_s3V5v7gAKxklfglE87U5SQENDLnSC3ACgSwBkWy3I1EXd1DYJycxMpzdst1CNYp3-vTj2c2lHsxJwKTYX0&cid=CAASFeRojwfAhS5FwZOpHYaddJw-D8rx5g&rfl=1%2Chttps%253A%252F%252Fwww.24h.com.vn%252F%240

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60f1a901e0dd1b526a19d1e3e310c6588c0915d5aa3467d3c2d965dc4824c2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8806
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EF1 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8gfmE6M0RaCZ2KMnmWtQsmYKrX0leXwvzjjn7RHYwZllwxxKNYIxhDfYFjCvPFyUo01lSsY-uxoRAzZcTruVvXDqjHjv9boNSDlTOcYUUVt_9dcY

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/791812/56413830/xbbe/creative/ Frame 1EF1 234 KB
79 KB 422ms
185ms Script
application/javascript 34.253.169.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm2hVcckEP7QiMqqHTTq3RK5hTikw-qLa-ZslLE1LUSb3eWK-h4uGYuvfvI1JHYvvC0j4fdIjOQ050sDxYdJW0RXbgTwAjMXr-Bud6EqkSAKAmf-C-gzsBp_oWTqtczCNQqqk-Nwpai-RgbGm2sAl8yO0pdKfsZO-m760Z6K7X3M3xkkMubgwBV-6PJP-L_kzZHzQ370-NEP13CyscRejIUqDQ4w_cTMP0IA627A9ILQADu2blhTRzOUvqcDNRWJsPWXoy3CiD3GLYb9FAcD_Zo3WDWEaarljpfNcCrE3DLiG5oXPz7Ug_L87UcqmbVvjlMe6Jx3zx_mg_gL_WYeeVFe9oNZzAZ6VNqbAPIagzAwCRuE3VN9Yoh2l8J28wdH8dbrG8EdRWOsAEBu-vkvQgLheO1ZGwWxVSkBcm1Vbo3xdW9Y0DW7Ik6_1gSL4RfI4jgR7Es8W_dDY4k913xiOUtvl5_K2X31jOUr89y1YBhMu_LvAjtwyuaU-cGJPJ2lnxAg-JSYcPvNaWR6qhyvQMJgUfbhlnAGCIs_UwVflq2hFVe1Dgkfyp8UHsazYDnL5YDiln6xvObhmTWUQ0n7SMShFNUwpgI0DS4s4JE6Fl1Rt5KUAl97NqN5CP4aSVLU5FoXznApNk4v4lzWltWgR6HhTARsbyqAbYgSeZqMLgzEF6KarnNQbIMQvl77pnym1Vmm4--X068L2DnDH-amZWumR_Co05tBzE2RpsExLPfO7gULvuKNw7X-ffmfmsagfv7FnAZSt4zqPT_udM9Mrb7drrOVB1Ts2haPgrOPa4ZsFO0ITcS2aFxVCB33sYwiXLncBQSLzHdf-XlZ13EK0nl0gDSPjKQtek96bXmuElOv4mIZaHaiiShSvuaPJEUXdc9VgVP3edcnnDE_-WmKWqmCM3HsbCX7yqJu0z_tFL2VWJdzqUvSL6FOigTJlMqSimMHtmJ7aLYor8FuiYiyA-0lOnyWYeIfgnDPmtq0gDPgG7h75FcwnBSMkdfBphNYXCNpRqM6WadJl6Z5inDGuGQds5HkCKRC2g5D97qfL1PLXphokLpppOfFs9S8PhGD0IXPIGAs7XAekE-pfIgynidePmZZAERo6O47ZDX1OX5vhc3Tur7YIMtQ-DS1oBuO-aX9DvFkOlhmjbjAdUKyKK-YuLP7DGbHVd8IsMRBqoFcdyC3E6OHr7E13Bbiz06x0VgxGMkanctaEXxnmlrkwDmEfyzmEgP_Ce_m3EuaeNlEjejFpL2TyeVRlF0iq7LNATMDt_zEok2-GGcXXZXZx9p5qImw4iF0klGjOt5BUTgT-6Km-7avNUGQpmUBYB_OKwiQPAkYPh4ORS_mMJVTMh-0u0t0tW7rVuoEIJVfvxGkojYzwnStjRk2VrqtNmVRenowsP5qL93-zuzfBkCY_r2jWfZYXKOesf3ZD_0xEKCBAAERVPKU7qqIIJqO1u5XfR2__TJpUvkRJEcE6X8OsWQHoU_sRfWF3Z9vCwAasV8BVPdUJ3kjlME-lofvRDa_V2VvDFCwa6nueIxdN25ufKFXYt1zJvjfSTIIPWYTCNUF0NxemnOEuEV-h-y9qV6GCCzoUivFkZPlKUPLrSo-h2RRgb1b7_pyf5-9QMejRX5m4G8gORDXNPWFfaFDVqaWOv6AsNdiKFWhATEyaPM-lHCNyfX8gK_vhxzj-hGyiwDZyYoQcd-1N19ZYsE7KP4Xgktqbc5v2IZoXToEGXqEXf-xcXdqcAR92JqUo7WAVfJIGCeuR6gjxtSqASpp9y3v2Rg9jg_6NmbC7RUZVZAK2whfnttCIt4woS7DELhQMhyp22w_A8ZPnvRF0q3WYR9Qn6xr6lGru7unTM95ZUxmou9gSdW278HCF_Pv14ec9nMeo3BBv1PcdAnOm9QLY2Yx0MBL5f_MtMaSrFWbssNvqPyNOKCDTHXaLSfUV6qdQSweQQIPOG9mDPN1bAKFS7TMksfJkvdq2fBzxVDygMqd1uI0gjlJjQ77QzKDEnaLofGEBRQ0-HV4YCC5gPAcj2JtHjCcPp1T7EucDzfC0ghq7qGY4buY-VD-T76QVoMkMxZSuKwHdho_-r8KkCbQDWh6zreE-vCgYo-UmbFqkvmzsSZTQYHwvClh5amUnMijXLRuu7KyVXO8pl0x_KqVVlGVYZg2u938YeJaQ_xB0pVrVWCVfrBRJgJ6WqLFthgqDUORZ5OV9YbRNin-WuRlkW0-vTSxD9FbrL7UofOqKgEh23v8VNdXL_r_CF2TiE6em05riIPJZ4wja5wYkfZ60dGKeEj_1emaWM99PurVeneCKO7pke2Cj07Th6MRIO6J2REMncoZM5DF8s4C-uv7oKPWRCC8iH4lBuIsfF5kspYGwpGj_rYj9r2M6FxnEB5yXpQSPJKIIg1vkYRskgSifQLQRSyjfc320-eGtF_C7-p0ZlkWMTV5Q6Vcdktju8mhh1Noz-fwUD41ALaA5lJN9B_u1Vu3wJRLyL5jN0skwjtvhj2MkUp2PT-GcMtKzs71PhLVJs4_Vpbp1mrbh52HbfmRV6Ypq4REwhFXc6jOeqxYx1K2TgPhVaqW-5DiIrS4vMMb-JlkQTJT_c1oqak0SNDF_IeWLDVE-1bSM9Vt6OjBgGVQFYCqEh6SS85gBDYNU3f1k63ZZLEZtbR5dtWl3JoWsggCwh4bEKNLYHFHjq44EFQDdgI04vUo7oEZF35NxQcVtP2dlKgDFQ99mKLM-oRK3JV4PwNq1Z-2ylv2kyiqx5BfW-iPtcjTPadQphOEbe8cqy1rmSk2JqlSpuNaUXOxbq3ed_3vIWELdiGHgZwPQgDGYlkH7aWOPniXWy6ylIrjAJ8Xi-RDV8a-W8v5p6m6b99r1YJXt-U_FAEgXlyqUAWO5ej6aPHpBAXi15oX_qui5PmjoH6uDfcKrn78uJXoibR1fYYC859kSROdxdtrf5isDFa0kFxWqOxLwE7SOnp6VcHahHsth9T9R0n5K0fLu4euIrBcEms0_FwtHgaUBWMiU5FPPje9EmfsUntNzEp2hLgdZ92hEcxoDQyj_C-12lCiX6IcyglBvGx2sg2l8N8LAu1HbMCIWqiSU7dnyYbU9t4atrqPxtNi7vLH5WJQYBNJuXlTF9JMg4mUw6KlT0P3W8jxdbG04672Eo9qCf7QYcCgZs3wqgfW74hMIS7wwdBCIRPzeasjtATL_68V59CQ-DZM7-tHsaGQgAEhXkaI8HwIUuRcGTqR2GnXScPg_K8eZgAQ
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.169.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a213f767368669cbb3ba38c4b7619623ebf41c9125107fd1bd7151213af746e1

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
content-encoding: gzip
x-server-name: app17.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 1EF1 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:17:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EF1 122 KB
37 KB 254ms
253ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 1EF1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:25:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1EF1 0
0 245ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSqS3pPP3k-76QS-HS8q_3J_ufLEu1reuRtywm5VuZ-eXktoet0MY5EZazd5f_GaDjH_rzmcJw5BEG8aKCC-sWu2r77g
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 249ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2286909-2&cid=1065341481.1630398472&jid=797247306&_u=YCDAiEABBAQCAE~&z=622587774

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2286909-2&cid=1065341481.1630398472&jid=797247306&_u=YCDAiEABBAQCAE~&z=622587774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D733 624 B
297 B 20ms
19ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNWDUBs5tjcMp-zxVD5Hq7qVdIQLZxkyE-_hZ0k-36vLz8Ko-M68vFMoAg3pWijxgU8-uLV7YhI-3_v4OqaB3unoqdE7WrvBXpj0f9pH8WKvs3lqMc02PHAF0R20a-F64_dhl8g07fIkFPBlthKTGj9tWjrBU4V2r_AmlnJo8WUFhnBdN-4

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNWDUBs5tjcMp-zxVD5Hq7qVdIQLZxkyE-_hZ0k-36vLz8Ko-M68vFMoAg3pWijxgU8-uLV7YhI-3_v4OqaB3unoqdE7WrvBXpj0f9pH8WKvs3lqMc02PHAF0R20a-F64_dhl8g07fIkFPBlthKTGj9tWjrBU4V2r_AmlnJo8WUFhnBdN-4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmriN7595XDwCx7HwNLPvkEzr-E1JOoB4bNlZMqqDtlVLqeLq6Ovs8MnRbI2n4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 31 Aug 2021 08:27:56 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2436 12 KB
9 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIKLXFkRtKac3j1YSM3qyiEQLU8YQYGFpXrQWVO-GgKOpB3JwqIe5xAnBnXMhLZ7MpAWGPupLpeiUO2r6TPyjJxdJj9llABAbmAywFaFRSRMCWFs-D1_YeZuT-d31cUn7uFuaaFZJbpDeuX9HMpCOOizeqbg&dbm_d=AKAmf-Dec3tE1fn8PkLd6n5iz5Z_hobJ9dbF2cgu6SwPR_gXld0Ln1FPRTuYoVO3KXJGPstI5B3SmO70jvaN3fgyM-MOAabYFqSbxxr0mgJ7nfhxaztDRVKhLiwVt4WCasSDngg1Arv2aDsyd34L8Q9nY77cSWfWVd8UNcg14JgltslPLHDd_xHiulSOnEku59P-5gHoMtXNg4m0xOwg0tZK0T1OxoGmYq7Of6IP8uspDI79bre23cySygaYFealo137y4Zr8XAWgm0DAqrnfTOsLSSbhq7bAVsuKeLvB3M02QNc_ldbG1QyLZCX0u2JS6uCA22zutvt6A4micfIRbWi1npjBFktwwDe5t-vVnXSkx3gwzDoTtoWafY7VuIu0BLUtvlCngCYXzUpWKouB3VZVoxz-xmuybfNV94rD_0rkvi46w0zfsQK1aZv8QR5vdqmPcOpdRmwKc8PvMAkbG8nlGyVHUYiu6xIWxkEXGbAG1mrsQZkImgULQzjZthQVQRNYrJO8QUaZuqrd4PfVnHVu5BPcSUZ_2yceybVlKLyDmsTT4PMJJQxRLzIKdtwjQytsMGHZGqASKNly-VpRQdmAeunFmbKvZz_cHcx3erNilMom8-UmTn-AUGG1aiQAFiNmXzHm9KuiQeO59NjocJYRCiPGnf7nUBxnjuPKHR89p2eZdjbE-_Dvec4aPEU_f35cTUDXF-yftpwexDkQtxKnW1T-gjOhZ1sRUIAXuxbwYKQyXjiUtiKxOokVAHMtx8A7p475qf5_AZX43-eU4HGfCk-JzMfze5HijYCcs7XbkDtEG8GYIYnfqT8bRApzxUxjDqFrKEL5CAmqAHQNICOTKSZ-QNNfUCWpzvDFh2sBnCsCuTDIiYj45Sk7Ec0TGlX8EY-dvkUFMtvaXdv49QswYhQhkMRBApUt9O-eiWB8RpDWy_aB4IEj0ucilatKsDbqtM_zI1YTKJA-n9AfzsKp_0h6cttdtKGFVm-id-14mB9VQazIXcGviv6-JMgYgko_i7h4tCA4wb4jfSPKumlQFAN5XsLnxHCxD-ECwUYnyRM4tM7EH_hCbQDRrcfrJWpGVY-ulU--NrkbKrZfUb94QFZScOD2UpsncPGu0DPiC7bgBMfgd5y9Jjy-4UCtftlw0KAisZy0jKJ_gX52f1REIhDs5ngreZ3cDWQheE_3iygA_K3Bu30iUdDHVEYTUxYFHozU6hL2J8f2ZcWuEhnH9WvdS-ERC2dH0C5dQUu0LZxQgPVj4Ic1YVdrayGZIg8FbwSzc53NszMRCuIR2F0yyAXRwVFz5dqvqNeiWT8izRBzKl46RvDhlBOw20z16ZYaQJa3McECUf2FZf3mPrdgDBsAdrXtothHMiw86hGmcrGR9_04-JGYWvmxXoO_GwA7RaWKCFDqqW4c8LV0j6DprWpqJgM763SivpJckmV0AKxWwwwe1h20AofI9rgD__NfUYw5iRyWCgeSDA3GY4Q1TsIw45ilXmfW2WKNyChemqANZ2iVwixEkGpyozwZXAgWfIhYj3kt6Ri6btC-8UsxW5htW9UO3xi954geW11MbwBfuwwSMYKQ2SKLhc8V19STOJ_y8-ixlYmBwCsrT6KDeMNZOOAX9N5ubKrN2PAePmTFuehKRlcfUdUb5EilxdNBZK2MJd3h5i8okZH2ruu1QEHgn42AHzgfWhD-TroO-xMPocyV9u3VdUXYmJzQkIeJg0To4ytvhCmHAb34f3YKKwvYgQroD0y0CTLc_NOJaYx8TyRcG0mKnBF4X9Au_Hc3m2s6cG1ZagT9AdP9HVieheelmAcznONyXg4Q-MFgXGRRRiE-vKq_FJKvideeX0lwogdFJUDOA6ypNJw_0TxNRg8aqxOfleJXBuXnR7biAgUQQwi4UrCUH4n-ePw_CtAaGjckCAcF3gLdSkOXIa6ueXPpqH3JYqQHRH-ZSDPgFsKGTgM3wgRVgqXSrQ-S8ZWdWmsextG-4wdG1wdpsZ54Mtyf2HJXQSeHtri310g8kLtiTx1mNEKiA8vyvgRhwSdUPxs2l1LNTh3_1oNP19AGc5BY8fEfhiVaXWBLaT6L2xUMBEVkfG_g14888xiQTOn92sgkl-HF8-D6k7Pao-oIyl5Z2MP-_DiLM3x3uYdzJmrDd_6LUkJvS9UVaHLw3J_gk_qRO-nmnrS2lzkgX5rfelvqZ_5k4shY7bNRGPkYB4t4DoiDfTxtzLAkobwqFpY6NMN_FWvHVS4ccmDUpPVAn7Oj_Ft12rdHAlpbM5M2Vl5bwaTWtQov8Xwn9FbR7yb-6EGTE3vvP1f5qdiC-K3o9JBFNxO1d09vvRYWffjA1XnZ5ES36ltBYV2sLjAp1oFMLi0KO01JXJdKUx8QuHjdZGkPRQQZjjXUGibYDs-n2Cl8qlE0ctIDwEXlx3gNT62pX8dZw50D5V_fjtCoP-ZBgmXWqSWDPkI5q8CRX-ZGZEMvsJIv9U&cid=CAASFeRomT6tqLKxzlZyyN-_6z6-DQ_72g&rfl=1%2Chttps%253A%252F%252Fwww.24h.com.vn%252F%240

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44027947ef57143d3ca886ebcaf1ccd676e3877166989831f6c7ae79270a3864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8799
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2436 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dvg3cBAkK8uSoskSngghHwTr6hQeX9nGdzORr4VmOOH1OBV8zrsomCwg102qKNA5zu42RKFl_SaAgVS9xa8MUdh_QEvjnvd0lNHtOcXIFiwKP3V4Y

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/791812/56413830/xbbe/creative/ Frame 2436 234 KB
79 KB 357ms
129ms Script
application/javascript 34.253.169.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4PvW2lJhw6AypXQV1mCP53tc09nU3yHReIc94_MLpuJzjahD-PNtE3HjkPQgVNUwPFSHRyt71j8MUytKD5dlDqc085AOMyyTPShrM9K1Yo7q-g7ecdE4mbhXNCNlCDVLeetLuimI3zvxH7-dxLOT94SAulbtEqkSAKAmf-BbjUPRmi8p99lyTH7KJfoq1RIF0Ci1Ix4O0n8tfzu0AEEQmTCuuBudLOl2oloQ3SooBuTL8CtztAO1x4dP9h_hvpB8viZl8n_xP86Kv1wHGlH4cqzCGumjF6hS9GLO53KV1MiDT_QxHrsgd7IVMoYMgMkCgjJEe1YY9JcXlg9ysew3C9DfkHkjZaVwxHY2n5KxSQ3Y5-rXHcNgJze-Z1b7UC6E_XdY-LI2lhX1xXyWBdVqTCtg-g-AHqrMoQSsWBbDdZHl7-9su1NtcfYKMZbM2HXt6FEozwntfN5QXaNU6pe0bFNSs_odcI_NtDrnsmqY1SsWsa2xdeH_YKC5Pke3Du6By-V23KrqZ9t3F5R0hyKIcgMkaKoXxJ4Ueql_fEPtXxKyKOBLPiDARz8hnrFiPLYWQe9tRWWtlliZ1zo4d0lK9AYZpqAM-_Rn40vpgQGRUC6WAODRLXYc0o6MzAiDPvyYVF4e_WfUnmsTE2a9HVKOKTLa6LQLC4aArg9-whqa59FMxsSHxSvzDI9W8AuNg65vBsUZxPe6gW5IfxEzjjZ6auEzGdy7GFzCktStWS9iNpeld4pN1szd-Js2V9ClBofrjLknIVHU8P7eBtmgpon9rjue87eRaDUKUHdBOT0-8UWbWjDN4W6rY6gtoCzO7nbHmSpri-TxpFJXDM8owVG7L0Ko44rieFgdbDKVTR6y3hX4fTclEngIG4XrlnVfSJBLcE9ZRTTaWqggvse_4lHHNTO7ywoWyxQB2tmYlfzxn7kGam8RTIDOqUwSRHiZy1OIWt2agLcAX0HzrPTQ_68F5YLvo1ydlvXIFLUd_mOX0Sc_H2qBYGag3xiWCXhrRSK2nSD_IWPZxMjIMHZj8Jh3GCKYM4Wt_n5JxTWf43ribT690j8pHJanPCq0UqHB7CqPt4fAM26WfM74tup7ow_RYyQKhkXI9MSZLcxYhY_IVnGtjM_cgeNxmenN5V5G-mHtRq_UQ6tyaPvjDBtYci3NJeBz5C3s8YXseeoMBZvPSFb1apftew33CL0PuF-gYeGgMzXB2pPkBQy-fsbQG26GtSqM0GZ-ms46FaDOXbGGh3KqXmFcNcOGoPSzSl5OXF39Bl4UB1cpEzV21_WZIgGuBZ2FKyxN5YLq0IL6dSujctbkjKKYdDYoJd9rrv3Wi7IKDMmyJCkkD0IZVCG3FyZerXyw2MfnhSG5dkwtgh0dzg6naXFwkg_OuIpx0btNWKToRTV2eb0FYbvwJVQ6_UbSXAEosirOTI9zRYW3LoLXR1NUrzqp6SnrsEiiqJ2gxSZFDIp1ajFwlYW2O_8Bvov9z5Z9PpN1WfgP6i62bwUmozMta4WUdlZ1xQ_aIXv0Z4frCjMHa-BcUAy_-ZuKhizvdRe0PcGmeTcPD7lIOBfsF9K7lu8CrhSJVnirajK4Gh2AFUYsH0zPXbEuCsngONt38fmS0ls5XBsG5CtltL8GM03qSKQvVRsRFOxfBExCWUCvqKl8neRHygZsZbRXXY1o8s6BFilVlkxMME9yvj75NhLuu3lWqTzzSO8OOLUFtjcUQ_PD386-EF4rpMH6zczMT-jO5iDx_LFWCtiEdHf4YhpICRdoQ-cNK0uxvPmUo57QSZvcfYInVKqzeGn9zIsCKs98ZXgXNW1Ga_imMrbV54LnWSWsTm-2HMjsJiekmXBDEJCO3L1f9o5jeWv-SbwK2s9aCwJYOz9b3bdHoaw3wfGNporCNcpdgkRhAR7spJwLYQKZrXnA_w6KDPEG1DsRCAUm-EpDRoHH1XQULLGCnXglwhYw92IV_9QNEO-EA_AqUU1z7iLoxKc25K0sPWKyu0BcWrLJhUFiWzgBbmws6U1w6ZAafiA31UqjbgjFmdkoppndfjrIEgzxyhU88KjTragIR0Bmg2pRTrjXTuroOqiiLdqP2HkzolNs8QJJjeOPqK0L3NdoexFbBBsrmDq-D29wjcFEmGfSTA4KIa3smstTpG5sr3FV3hZ8aHupL9fw65cw1vkV6G3TM8-KjpJDJwQkErD8oV7vriE85o0LxEBgjkWCNRK4enK7LKiQn6QX5FWFMs-_ulMUwcpHAE0_B9ed-JJChkpAeyDbcFR2x7NwkEROHoYBcM5WvkmEp3IXSfeZW-nwnkJwDp2ZSx_g40bkWR3TTW2_6dk7EC3D5nXYsrRSmoMBenv5XTKsdP8SHLV2FFlRCLXAgG6Bi40qHPpY-1XYeNQk4VkeiGX7ep1ET5GF5tODpxv_oKzBqonCmCZioB2TdkSek4hTt7op-ueDMY9rDOsWTsd0lQhBlEZgyOB23nfJYaQl2imWnvChS-jp2eKv9Sua67f57Jk5gP1FS5ZqkLhZ6m5imdEeG4X26VfurM2iTwLMnFTWfFVtquq2R_OPmQ4WT5Wemfz_P-LRqSdF6S2rYvM47gBYZfi7B8ECTCAH9Oc_kslWb3hh7ORUiS23hQuPWxxkowyxlTnCdXBr-QXWaYqvr5wnzs755UgsVdvn5hyw4Df4BmEdkgwpLUD8Ktf_M2kr8jS-XPar3CQYf9wqqtiCHodJ9P_umpCmnbicOFfSiBZp_XnW6Lk03iHqpz4UK30hWgciQflTrwTG-gDsnNgqZqMwokxiP1NYCTS-U6Xb9BhZdFnB4cze_DPaYHyVdQbuxXw6LXol-QExkcydLEIUzVf0Q5ITGmQN0P3a9Ra7c-weyBB8ZlcsTzeCwNF5z_s3dl6WvSccTCW-6fUTAq76c08E4ccyHHLhm-sHwFeBySz5aCctMedygoiWyIWGhI8kyQt-pCcqtbYUAhrbfyqot08_5aajLYBsUVteaeZvlMAeSL1J2INXMdSGTLM_W97NGfdO9krPJDqN-MT0QZrmid5iKcIRcqswoejR_yLbXlGXM4WTO8yv1dzxqkCHtSCfc_I6jt8D7jNQ6dWsS3myvOFa83zZAdbCVURgEseNLIJQ1Un6rkUzPGoZ3mPMXPfVjVJ1RhIvUxuu0yAS-xZpDzIUShduJ_lftbKFhMT7B_yt2ShhfwLrDLTDvEdXmZjG0IE9MBmWAS5eH9bvheDEoM-21uCreyhD0Q-Uhpf7zmVpFln4PyyhHZBGF0TYkyyz3WxiCloaGQgAEhXkaJk-raiysc5Wcsjfv-s-vg0P-9pgAQ
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.169.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 91f05d7991ceeec212d4415e79f57f7f1d62e3f981040197573287797c28fd5c

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 2436 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:17:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2436 122 KB
37 KB 223ms
221ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 2436 14 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:25:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2436 0
0 237ms
17ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYzwNlPxjrKbj3ya3IwEE9shZs5sZvq-Mg5GZkZCxlHQNgXsccvFLjMLRV38wa5zK-tq426gqVoPUpT8Ry8tciUoIcSA
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 28960c8a32e8dcc49d8dc53b67dce604.js Show response
www.gstatic.com/mysidia/ Frame 86FA 11 KB
5 KB 10ms
4ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/28960c8a32e8dcc49d8dc53b67dce604.js?tag=pingback

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 14:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4667
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 14:34:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 86FA 3 KB
694 B 22ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 08:01:32 GMT
server: ESF
date: Tue, 31 Aug 2021 08:27:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Aug 2021 08:27:56 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 86FA 1 KB
858 B 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:23:34 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 86FA 18 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:23:43 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 86FA 2 KB
1 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:17:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86FA 122 KB
37 KB 272ms
270ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 86FA 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:25:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 86FA 0
0 18ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR04e1SMu01sk3HGoXLX6O8liYD_GFCKNacc0cdos_0czinnEPmRJOS_4EfQaV5khAgAeG5GrLrQmkUtvCvUF0TVcrZtg
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 bf370751b3c301aa27eddd739f5e1f7e.js Show response
www.gstatic.com/mysidia/ Frame 86FA 26 KB
11 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 16:33:03 GMT

GET
H2 200 28960c8a32e8dcc49d8dc53b67dce604.js Show response
www.gstatic.com/mysidia/ Frame 30F5 11 KB
5 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/28960c8a32e8dcc49d8dc53b67dce604.js?tag=pingback

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 14:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4667
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 14:34:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 30F5 2 KB
604 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 07:55:50 GMT
server: ESF
date: Tue, 31 Aug 2021 08:27:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Aug 2021 08:27:56 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 30F5 1 KB
858 B 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:23:34 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 30F5 18 KB
7 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:23:43 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 30F5 2 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:17:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30F5 122 KB
37 KB 286ms
285ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 30F5 14 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:25:25 GMT

GET
H3-29 200 bf370751b3c301aa27eddd739f5e1f7e.js Show response
www.gstatic.com/mysidia/ Frame 30F5 26 KB
11 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 16:33:03 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 04FE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

49ms
47ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Tue, 31 Aug 2021 08:27:57 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 10312934063260930168
tpc.googlesyndication.com/simgad/ Frame 04FE 88 KB
88 KB 11ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10312934063260930168?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnMRf5pir6YzgvKJjCAEWt-xp9pMg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c65f868b7b236688247b9941b8a530222bffb10a67d357358c36a4e3005d085e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 15:19:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 07:07:46 GMT
server: sffe
age: 234525
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90319
x-xss-protection: 0
expires: Sun, 28 Aug 2022 15:19:11 GMT

GET
H3-29 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 04FE 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 06:38:19 GMT
x-content-type-options: nosniff
server: cafe
age: 6577
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
expires: Wed, 01 Sep 2021 06:38:19 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 04FE 344 B
368 B 8ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 02:55:33 GMT
x-content-type-options: nosniff
server: cafe
age: 19943
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 01 Sep 2021 02:55:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0D73 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 31 Aug 2021 07:54:30 GMT
expires: Wed, 31 Aug 2022 07:54:30 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6ACC 783 B
532 B 23ms
19ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3aa6ff8300b6e0153a8ea3c49b882f29c32fc31c7823ce23846074fac28ab858

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xfIA0sBn/uZzKS5KTLfSyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

expires: Tue, 31 Aug 2021 08:27:56 GMT
date: Tue, 31 Aug 2021 08:27:56 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-xfIA0sBn/uZzKS5KTLfSyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1EF1 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwF702qLtjPMllAl4-g68S5wPnriVdl8MHZ7L66TByW28Lr4kZWTRp4YhTsATgr47qBIeCsiHCihkPp6hKeIJK9d8AI7Ka2YdFip9rcayPlIL-DCiletip1GjdNrEzMlAr-9URULs6aosbHT-VLj9O0TJvKA&dbm_d=AKAmf-ByggdxZMO70wpbp1z7pgJn4tPJVs4jE3ADlojACqb8o8xZrK59rmM1kLsGTDnm3fInMlx3FH5L8RV1EZ9qUz9U-xKn9JUYIBwanpncS0ckMkmCJUukbyrgPn4KRAgdAbcbpOmL_RiJcnEiA6J7sIf0qp-yAoVmK8rUqPKMwzgWcqHfvXR-N9qQaRQqFtMxGAip_Q5CJmbb2c22gWUqw-FZM6jlChfUu635QU24iMEul2eSkmDS2mGvzj2rfK0wuHMSnJe9T0d6INZiBU8lhx7ddPSAmkasKr9P8ox-gs-lVubpfv4SwjzTRPMzVRK4yHk9M2xRXkKY2FyuKA_uXZsexsR13AOp1YJFW1SiQ81M4dl7Nkd-LaI6aHSQ_M5WqFc-kXQ3-bLCA12u_C0iHKKfyRysCJusav0myFEC5NLbBvlOisI9xPOEpAapaQoSvk0g5-OcmmsqVAaLCRsUfOCqJ6tGrAiZryqW-vZrU56_TSmJneE2XuOFz36VOitjHFKYqw1ygYrJLYnYqKWhUuCvE7MKfXZ6JmLGDFkEHmix8b-XK4s0RP5hZ5usHN7DoA-yqwR64HUrqqpwx6cvAATUdk6YPMOMc6j8V3pw7wkuN8fOU8exp-Fmc14VMyZADWTv0t6JikvHybaFZax8bfLdeBybGLXDzG7wM5HKcmLLrtCQeLHpUrhBQO5eV-sKrZ3eNQeToq0UyZSjlrTCz0TIrkYdT5NnBaxhaU-OLy_FjJrHQTM45q1OtDx_9eEhzXqM3Egr9UQeFgECp4vvemCtMmpMg90ZxOCrkSs3-HmS1jLaEziFyBu1J_eitPU9s0KyFlCUsb3lcDq_PUoFaOGFiz7HXpoEopFZnXin5mn2SgEnajSUBp3XHeReTF8Z__-isZOPqSDQNEnLh4oKGB6BMvXSnOmt7Ge-hoHQukv1uhS8WjHMffeuFdUcNmnTZNcEGJauPyAVPGEfa_oHaFtnZZ15cFsjH8putNtJbl4cfPL0s7lf-GMZfTAg8ErX_eBQwEIsKgdsv_s2CwpV6HYFqqFDgsAkfM52LYk5HVPTM_F3QwtbWht_SjX7qVwZ8gDsM2pBkarnJCKccBuigXX594dqPZN3egBzyEq_V_N9RcgmsW50DIfLl8mPDlK-v5xcXcVRecogGCIioq5CcTGN2lhRJdRbvIjY8menSzhnmee3g2klOoetuy895yIVDa7pC-qXxKaK8Vz-PGTN-YPuuhc4j3uDyrgfwsAYf75rlR-Eobu43Zmeo51Rd8TLAnKSumpOeTsgUls8iIwXflxOjNRvxP1ouD5fgpx9UDgV6x4jtTnVFjJd57-ywW-tKMA1f-H-pPxzXCvOXa1qmyascPUnw1RB47KOy577Qv2cnhhJC5j7-whNy8k4NgFY3fhXHcwYljZpH-pqVGBrAQ5N-lea46gq5blgrMS9MoGuUE1Knmw7DGEuDbyrNHghr1sJDo5gy6oP2aV-o3xqpq_RxiM-ulfolcTDkxwT6k11NRpLdFsA3MVQEpoD0CmOOuPqdsVfIw8mxjnQr00hOSk6xPc-QLIlkgg2Gx3MmnQMKTwism05hc3UOnFRbB4F_n3I36WpzUu1E8C-LsZGuXm1ROh9-SuPPofQahEhR7JR_yOqiLWaVMraeCyebNNvMoYawkYBYGjS0OICu2a_eJZhd6gsPkWz13m7UtoNkST0-XLRjG2Zc2REOcK82564rN5frBLOuIWtZJBOfXugEuyEua_5cIUNAFVAScsuq-PWvGh-KKRzPvBjCnOoMQMNJgRRFW2ezuzB3pq5J5gI6-rXsSY8yOJntgF7WgpR6bdYLpJMwEuC2W0J4Cz2oJ2Ecton4XzThgiCYq5KqJPAVD2zik8km1SvoNEfBGv-7HRbViAkIs3rDDbxGu-6ITotmYUNQHOLrKyfzif6SN-HKFtdRcCfysSbsjCI_pmDnvLm8o5-WcWj8aQKyrTzY5MapuMIUgXf-vg1ANiRs5_XhZR-L6JPXklssy9-3wi0knmU2XliI7WrJAPTQOjryheh5Fz4mIvM-1IfsF5zwKlejLs6MYQRR5GePEfQazB0VK5mhartkszOTnaHEqDwN9BTd3Xn5R8vzmLtwHZ6hm_fPW_CKDIrohuUWqOZQ0dh5CWLej3ikFO_3o6ofTXzKvY9Hcsgf8F3EtIkG40fV38zvosy1Te1J7FElwQsgb8e_Xr6P8Y2QJSnNIESKfZ_ZNilyUGPGXU5QTW3Qp1fl6_dDFlEFrwaq0Q6g-itbqZ6xm68gYoF6S2YUB51wpMmCP7f_VrxszfwEB3KdAWmMQ63Aq9jZwmO-2BtzcZcX8as9tRw2FQbENslZSPbvfMFKUNy4fG2E5mxsutDIHTXcHnHC6WhFV0w4_SM_s3V5v7gAKxklfglE87U5SQENDLnSC3ACgSwBkWy3I1EXd1DYJycxMpzdst1CNYp3-vTj2c2lHsxJwKTYX0&cid=CAASFeRojwfAhS5FwZOpHYaddJw-D8rx5g&rfl=1%2Chttps%253A%252F%252Fwww.24h.com.vn%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 07:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 07:57:25 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2436 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIKLXFkRtKac3j1YSM3qyiEQLU8YQYGFpXrQWVO-GgKOpB3JwqIe5xAnBnXMhLZ7MpAWGPupLpeiUO2r6TPyjJxdJj9llABAbmAywFaFRSRMCWFs-D1_YeZuT-d31cUn7uFuaaFZJbpDeuX9HMpCOOizeqbg&dbm_d=AKAmf-Dec3tE1fn8PkLd6n5iz5Z_hobJ9dbF2cgu6SwPR_gXld0Ln1FPRTuYoVO3KXJGPstI5B3SmO70jvaN3fgyM-MOAabYFqSbxxr0mgJ7nfhxaztDRVKhLiwVt4WCasSDngg1Arv2aDsyd34L8Q9nY77cSWfWVd8UNcg14JgltslPLHDd_xHiulSOnEku59P-5gHoMtXNg4m0xOwg0tZK0T1OxoGmYq7Of6IP8uspDI79bre23cySygaYFealo137y4Zr8XAWgm0DAqrnfTOsLSSbhq7bAVsuKeLvB3M02QNc_ldbG1QyLZCX0u2JS6uCA22zutvt6A4micfIRbWi1npjBFktwwDe5t-vVnXSkx3gwzDoTtoWafY7VuIu0BLUtvlCngCYXzUpWKouB3VZVoxz-xmuybfNV94rD_0rkvi46w0zfsQK1aZv8QR5vdqmPcOpdRmwKc8PvMAkbG8nlGyVHUYiu6xIWxkEXGbAG1mrsQZkImgULQzjZthQVQRNYrJO8QUaZuqrd4PfVnHVu5BPcSUZ_2yceybVlKLyDmsTT4PMJJQxRLzIKdtwjQytsMGHZGqASKNly-VpRQdmAeunFmbKvZz_cHcx3erNilMom8-UmTn-AUGG1aiQAFiNmXzHm9KuiQeO59NjocJYRCiPGnf7nUBxnjuPKHR89p2eZdjbE-_Dvec4aPEU_f35cTUDXF-yftpwexDkQtxKnW1T-gjOhZ1sRUIAXuxbwYKQyXjiUtiKxOokVAHMtx8A7p475qf5_AZX43-eU4HGfCk-JzMfze5HijYCcs7XbkDtEG8GYIYnfqT8bRApzxUxjDqFrKEL5CAmqAHQNICOTKSZ-QNNfUCWpzvDFh2sBnCsCuTDIiYj45Sk7Ec0TGlX8EY-dvkUFMtvaXdv49QswYhQhkMRBApUt9O-eiWB8RpDWy_aB4IEj0ucilatKsDbqtM_zI1YTKJA-n9AfzsKp_0h6cttdtKGFVm-id-14mB9VQazIXcGviv6-JMgYgko_i7h4tCA4wb4jfSPKumlQFAN5XsLnxHCxD-ECwUYnyRM4tM7EH_hCbQDRrcfrJWpGVY-ulU--NrkbKrZfUb94QFZScOD2UpsncPGu0DPiC7bgBMfgd5y9Jjy-4UCtftlw0KAisZy0jKJ_gX52f1REIhDs5ngreZ3cDWQheE_3iygA_K3Bu30iUdDHVEYTUxYFHozU6hL2J8f2ZcWuEhnH9WvdS-ERC2dH0C5dQUu0LZxQgPVj4Ic1YVdrayGZIg8FbwSzc53NszMRCuIR2F0yyAXRwVFz5dqvqNeiWT8izRBzKl46RvDhlBOw20z16ZYaQJa3McECUf2FZf3mPrdgDBsAdrXtothHMiw86hGmcrGR9_04-JGYWvmxXoO_GwA7RaWKCFDqqW4c8LV0j6DprWpqJgM763SivpJckmV0AKxWwwwe1h20AofI9rgD__NfUYw5iRyWCgeSDA3GY4Q1TsIw45ilXmfW2WKNyChemqANZ2iVwixEkGpyozwZXAgWfIhYj3kt6Ri6btC-8UsxW5htW9UO3xi954geW11MbwBfuwwSMYKQ2SKLhc8V19STOJ_y8-ixlYmBwCsrT6KDeMNZOOAX9N5ubKrN2PAePmTFuehKRlcfUdUb5EilxdNBZK2MJd3h5i8okZH2ruu1QEHgn42AHzgfWhD-TroO-xMPocyV9u3VdUXYmJzQkIeJg0To4ytvhCmHAb34f3YKKwvYgQroD0y0CTLc_NOJaYx8TyRcG0mKnBF4X9Au_Hc3m2s6cG1ZagT9AdP9HVieheelmAcznONyXg4Q-MFgXGRRRiE-vKq_FJKvideeX0lwogdFJUDOA6ypNJw_0TxNRg8aqxOfleJXBuXnR7biAgUQQwi4UrCUH4n-ePw_CtAaGjckCAcF3gLdSkOXIa6ueXPpqH3JYqQHRH-ZSDPgFsKGTgM3wgRVgqXSrQ-S8ZWdWmsextG-4wdG1wdpsZ54Mtyf2HJXQSeHtri310g8kLtiTx1mNEKiA8vyvgRhwSdUPxs2l1LNTh3_1oNP19AGc5BY8fEfhiVaXWBLaT6L2xUMBEVkfG_g14888xiQTOn92sgkl-HF8-D6k7Pao-oIyl5Z2MP-_DiLM3x3uYdzJmrDd_6LUkJvS9UVaHLw3J_gk_qRO-nmnrS2lzkgX5rfelvqZ_5k4shY7bNRGPkYB4t4DoiDfTxtzLAkobwqFpY6NMN_FWvHVS4ccmDUpPVAn7Oj_Ft12rdHAlpbM5M2Vl5bwaTWtQov8Xwn9FbR7yb-6EGTE3vvP1f5qdiC-K3o9JBFNxO1d09vvRYWffjA1XnZ5ES36ltBYV2sLjAp1oFMLi0KO01JXJdKUx8QuHjdZGkPRQQZjjXUGibYDs-n2Cl8qlE0ctIDwEXlx3gNT62pX8dZw50D5V_fjtCoP-ZBgmXWqSWDPkI5q8CRX-ZGZEMvsJIv9U&cid=CAASFeRomT6tqLKxzlZyyN-_6z6-DQ_72g&rfl=1%2Chttps%253A%252F%252Fwww.24h.com.vn%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 07:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 07:57:25 GMT

GET
H2

200

9773480289729446073
tpc.googlesyndication.com/simgad/ Frame 86FA
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDH5IzPYxCwCRiwCTIIXYfKtB7UCqk
https://tpc.googlesyndication.com/simgad/9773480289729446073

35 KB
35 KB

8ms
7ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9773480289729446073

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8016bb55b305355bcd79dc17cab8ef57feddad959bed6c84a555469066e9430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:31:52 GMT
x-content-type-options: nosniff
age: 248165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35804
x-xss-protection: 0
last-modified: Mon, 03 Jun 2019 13:21:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:31:52 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 19:50:12 GMT
x-content-type-options: nosniff
server: cafe
age: 45465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9773480289729446073
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Sep 2021 19:50:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 86FA 27 KB
27 KB 30ms
6ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSLU9UvmwAE1yzNfHOMBfqhzDGJRYrRdXbboM-7Mym9uU96SlT3YoiS_v-qT3k&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceaae3fde1f6f58acf9854cf4dc4a2a74280917ca43478380593fa0933dc6762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 13:47:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 09:26:42 GMT
server: sffe
age: 239999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27624
x-xss-protection: 0
expires: Sun, 28 Aug 2022 13:47:58 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 30F5 30 KB
30 KB 50ms
23ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTiKG2xbuP_nOvsCO3cNjTWnGnpVke1VDlUbq3L_LnPyuSLUY7ZILbHf2OqO-E&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e70171e770823bb81281aa5dfce0689ba5659ee6aa62dfaa7a67add0d3fb22ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 22:14:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 01:12:29 GMT
server: sffe
age: 555185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30221
x-xss-protection: 0
expires: Wed, 24 Aug 2022 22:14:52 GMT

GET
DATA 200
OK truncated
/ Frame 30F5 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ece0016807ca3b1afe020fafb3b035e8277d0422981b858373d0db66e15be0d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 shopping
encrypted-tbn3.gstatic.com/ Frame 30F5 20 KB
20 KB 29ms
12ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTsyxOUBEdpHYGOsklJTMpDGiX1skI7-Tq5HyLZh4FO2wTDIL4&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae7496f9167f527898df98f76e7d3d994ed90cdecf1863577a7b31f847e777c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:50:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 12:47:15 GMT
server: sffe
age: 563831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20011
x-xss-protection: 0
expires: Wed, 24 Aug 2022 19:50:46 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 30F5 62 KB
62 KB 31ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTAmWB9SOTIVxpYwINmqm0PrFlC0r92qGHydNY3argrYzsaZGQomrz0TWK19JQ&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d80d0d97eab091d0d2bf11a7fd12b1cda8c5b6733c3b20c6ce1f8449a8ff71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 19:01:14 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Jul 2021 05:01:37 GMT
server: sffe
age: 307603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63160
x-xss-protection: 0
expires: Sat, 27 Aug 2022 19:01:14 GMT

GET
H3-29 200 shopping
encrypted-tbn3.gstatic.com/ Frame 30F5 24 KB
24 KB 32ms
15ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSf-e3aY7H9bNO-0_GbsTWVZ66RpJL_UN1qlc-2CwRtW0R-ScxAr4GEd_nyCw&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff384f02dd8e8ef48a2a4839deb0d3e9a48d144d3907515705dfde6ec512e566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 21:35:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 24 Jan 2021 04:11:34 GMT
server: sffe
age: 557569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24147
x-xss-protection: 0
expires: Wed, 24 Aug 2022 21:35:08 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 30F5 26 KB
26 KB 41ms
12ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTPEmREH2F0Qi5Iy9a0SWdl_S9iU567v_vBszFnukUoQ3OAy0jlCUYTp6HhkJI&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10627e291b8859a483624b20554fd136ce6015af310ac5b9395411e40d77100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 16:43:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 00:46:31 GMT
server: sffe
age: 488695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26262
x-xss-protection: 0
expires: Thu, 25 Aug 2022 16:43:02 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 30F5 22 KB
22 KB 43ms
20ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSUKKs0L9lqqpGYHKlBR1Bdl7tId5X9XZLkhRsxfmEDqhAUWMI&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bfd92cbc59bc0df590128e3d526aba12041641802f4a70fa46072d92d3f0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:03:39 GMT
x-content-type-options: nosniff
last-modified: Sat, 30 Jan 2021 03:34:07 GMT
server: sffe
age: 264258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22910
x-xss-protection: 0
expires: Sun, 28 Aug 2022 07:03:39 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 30F5 17 KB
18 KB 35ms
7ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcROBijToff3SSERS8CurxaBTntOAEn7FE0huhagXzCdUhwkMjA&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8a7984d391e116184231350a42902c5119db6dce935192d4983f32080eb974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:57:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 13:06:26 GMT
server: sffe
age: 455448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17610
x-xss-protection: 0
expires: Fri, 26 Aug 2022 01:57:09 GMT

GET
H3-29 200 shopping
encrypted-tbn3.gstatic.com/ Frame 30F5 24 KB
24 KB 24ms
9ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSme2Q1CelGQu9p9jwfTLfbnNFkpmgrH0QAN21mUeCnVxJU9rI&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3a0b682222b30407a0d3a63896613ef3fab69e58c53822b402e6c687968998e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 02:56:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 07:16:11 GMT
server: sffe
age: 365467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24841
x-xss-protection: 0
expires: Sat, 27 Aug 2022 02:56:50 GMT

GET
H3-29 200 shopping
encrypted-tbn3.gstatic.com/ Frame 30F5 26 KB
26 KB 34ms
19ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT3M0JcFH--IMqc6Au4fcH9PLlg9O7Bz8SyXfwgPqkK5UEoJQbXQ2QOaQq4zw&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fac372bff544beeb15221971f20cf98181d2daabdfdb0a30c7e7065b23c6cdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 13:50:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Dec 2020 01:36:01 GMT
server: sffe
age: 239826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26443
x-xss-protection: 0
expires: Sun, 28 Aug 2022 13:50:51 GMT

GET
H3-29 200 shopping
encrypted-tbn3.gstatic.com/ Frame 30F5 59 KB
59 KB 32ms
17ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTTaMIP4wp2CC7h0w5NY29Bf9A0xsTfBdrIQQq4gxcNFCu-bJw_SjUSPNUPvA&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2920656d265c3380134c0cfe907be5069b8cf862f76c16cb1b57b5d7f519b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 00:28:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 26 Jun 2021 03:49:58 GMT
server: sffe
age: 201542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60198
x-xss-protection: 0
expires: Mon, 29 Aug 2022 00:28:55 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 30F5 33 KB
33 KB 40ms
18ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTmn362T3PJQCmmhF7s63a5yeGwswzmuEbMOWCegOjFMmwF0tsKNZKhZxX6gAk&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bef7351617f59a231fe41b3a6cd8ba987f3ff8631012c2d6d2b4461fbab5e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:37:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Nov 2020 02:46:31 GMT
server: sffe
age: 229835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33601
x-xss-protection: 0
expires: Sun, 28 Aug 2022 16:37:22 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 30F5 42 KB
43 KB 42ms
21ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSfGQpIC8mQZqg_eKia5jESAXh8vNnt2majoHtVPqijkYkQU8H-3xXnuZvzq20&usqp=CAI

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43001b47ca47d87ec329f7c560ea87e8957d65d599932b6c8a08a5f676fa05f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 17:31:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 15:01:57 GMT
server: sffe
age: 226589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43480
x-xss-protection: 0
expires: Sun, 28 Aug 2022 17:31:28 GMT

GET
H3-29

200

12227418558195100007
tpc.googlesyndication.com/simgad/ Frame 30F5
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDH5My4ehCwCRisAjIIhc-0bMAo2ZY
https://tpc.googlesyndication.com/simgad/12227418558195100007

29 KB
29 KB

8ms
7ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12227418558195100007

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141487852a934a148b8e436c41d14938aac3738d764a13652fa8b3835a00785c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 12:05:08 GMT
x-content-type-options: nosniff
age: 246169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30042
x-xss-protection: 0
last-modified: Mon, 03 Jun 2019 13:21:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 12:05:08 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 05:59:37 GMT
x-content-type-options: nosniff
server: cafe
age: 8900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12227418558195100007
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Sep 2021 05:59:37 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 86FA 0
0 84ms
84ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqfk2C-gtYZnEEp2V3gOp6aPQAur4rv1e4eekyKoKnN2yyqAYEAEg49GxJWDxrfyFpB-gAY-7vtoDyAEJqQL9g_scH1WFPuACAKgDAcgDmwSqBMUBT9D1bi-RXc85JntO2bqL--6OPT23bKqugXv5QngUudKJ9GNgvpUbL4d1ODTBhb0WuqLx7CkXFaxobq9XZVvTM5UEkW74c4kR1832KjBpX4WEaSf1LPSPB8eJUtamDA1gMPHepXlyLf0gUlcb0h_nQjQvDvT9OUO-k8qycqaDHTCZTCtjFBYS5fUCH5MTqHwTeRdyDOatrltmVfFG1cpp_W6qWd3_m3FzlVQWfUQEOzSOKPw-XPKGKvaUZsT9WGfpojZy4t7ABJ2aoamTAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfZxMElqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ8JgN0ggJCIjhgBAQARgdgAoDyAsB2BMCiBQB0BUBgBcBshceChwIABIUcHViLTU2MTQ2OTU1NDk3NzU3OTcY6rYf&sigh=KTpByv9ZpsY&template_id=494
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 30F5 0
0 87ms
86ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpsNLC-gtYZ_EEp2V3gOp6aPQAur4rv1e4eekyKoKnN2yyqAYEAEg49GxJWDxrfyFpB-gAY-7vtoDyAEJqQL9g_scH1WFPuACAKgDAcgDmwSqBMgBT9BcFOUlrxQmGhKrDEu03RRj1JG8Ij2J3zDyw9qqgR_VLe0H4bI3TR2yLVHpuOjm5-QPYmEiDbiKi2eNRWMqO-AcXbRnX9K9loK3x36bvqF1SVx3XsH0IxSMImouEw2YgFSs3OicINATWZRDcsXOfE6Uwzrl0uAyqfldrhYlubwd1HwsVpsf_vT2icb5zgSHRjvRG-Ufl2p1D2gMxkU78RwUr3biVRfgqTVwnZusw9widasYsSkTGmO8gV9dPtMFHGEHhCNAlyHABJ2aoamTAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfZxMElqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQvtcM0ggJCIjhgBAQARgdgAoDyAsB2BMCiBQB0BUBgBcBshceChwIABIUcHViLTU2MTQ2OTU1NDk3NzU3OTcY6rYf&sigh=hjfrMVOm-UI&template_id=494
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5359 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 27 Aug 2021 09:05:30 GMT
expires: Sat, 27 Aug 2022 09:05:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 343347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 090A 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 27 Aug 2021 09:05:30 GMT
expires: Sat, 27 Aug 2022 09:05:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 343347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CB30
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuIPQkVpwSzSnWHby1PmX0&google_cver=1

43 B
893 B

90ms
72ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuIPQkVpwSzSnWHby1PmX0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNXKJCzcTgTBk65IQejKW9n6u77MWIOu2tlXqplxH3U9vOWtzH-zJWxqwiQawErf5e3RebP3a0NDnB11tLnVZTpOfWGgeTgXK_2s27zgc0lQiTn5YOtq7Yai3U_xkpj2G6G6YI1Gr3iocMxCjfbEVy4GkHaoYMpG-GIVSQF-KI9J5CwXUR4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 08:27:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuIPQkVpwSzSnWHby1PmX0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CB30
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS3oDV8MWkkQN3VLOFgngAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuIPQkVpwSzSnWHby1PmX0&google_cver=1

43 B
893 B

73ms
73ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuIPQkVpwSzSnWHby1PmX0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNXKJCzcTgTBk65IQejKW9n6u77MWIOu2tlXqplxH3U9vOWtzH-zJWxqwiQawErf5e3RebP3a0NDnB11tLnVZTpOfWGgeTgXK_2s27zgc0lQiTn5YOtq7Yai3U_xkpj2G6G6YI1Gr3iocMxCjfbEVy4GkHaoYMpG-GIVSQF-KI9J5CwXUR4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 08:27:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuIPQkVpwSzSnWHby1PmX0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CB30
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_loxGDhNitZ3PlfvxS6u4&google_cver=1

43 B
1006 B

75ms
74ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG_loxGDhNitZ3PlfvxS6u4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNXKJCzcTgTBk65IQejKW9n6u77MWIOu2tlXqplxH3U9vOWtzH-zJWxqwiQawErf5e3RebP3a0NDnB11tLnVZTpOfWGgeTgXK_2s27zgc0lQiTn5YOtq7Yai3U_xkpj2G6G6YI1Gr3iocMxCjfbEVy4GkHaoYMpG-GIVSQF-KI9J5CwXUR4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
X-Proxy-Origin: 185.236.42.205; 185.236.42.205; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 063f29ae-74dd-4f2f-9f61-054bf0af6284
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG_loxGDhNitZ3PlfvxS6u4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CB30
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMjQwMDc2ODEzODU3NDMxOA%3D%3D

170 B
188 B

67ms
66ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMjQwMDc2ODEzODU3NDMxOA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
X-Proxy-Origin: 185.236.42.205; 185.236.42.205; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 869080bb-2c37-43f1-a7f9-4852c91267c2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMjQwMDc2ODEzODU3NDMxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 30F5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af1621ffafde241d841608de3f1890183eca741a876d4417bf279015eed0c2db

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 30F5 20 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 09:49:45 GMT
x-content-type-options: nosniff
age: 254292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 09:49:45 GMT

GET
DATA 200
OK truncated
/ Frame 86FA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c09397ce7a8b68a099dae0693d861248af20d890a7cd0fb879e6c42ea1c8683

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D733
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1A7d5wru27Pf5wG3i5GF0&google_cver=1

43 B
1013 B

100ms
96ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1A7d5wru27Pf5wG3i5GF0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNWDUBs5tjcMp-zxVD5Hq7qVdIQLZxkyE-_hZ0k-36vLz8Ko-M68vFMoAg3pWijxgU8-uLV7YhI-3_v4OqaB3unoqdE7WrvBXpj0f9pH8WKvs3lqMc02PHAF0R20a-F64_dhl8g07fIkFPBlthKTGj9tWjrBU4V2r_AmlnJo8WUFhnBdN-4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 08:27:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1A7d5wru27Pf5wG3i5GF0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D733
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS3oDZbo7aCwBp20o-dfDQAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YS3oDZbo7aCwBp20o-dfDQAA&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtZE-IRtrA80uIbV1J_fOs&google_cver=1

43 B
893 B

100ms
99ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtZE-IRtrA80uIbV1J_fOs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNWDUBs5tjcMp-zxVD5Hq7qVdIQLZxkyE-_hZ0k-36vLz8Ko-M68vFMoAg3pWijxgU8-uLV7YhI-3_v4OqaB3unoqdE7WrvBXpj0f9pH8WKvs3lqMc02PHAF0R20a-F64_dhl8g07fIkFPBlthKTGj9tWjrBU4V2r_AmlnJo8WUFhnBdN-4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 08:27:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtZE-IRtrA80uIbV1J_fOs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D733
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_loxGDhNitZ3PlfvxS6u4&google_cver=1

43 B
1006 B

61ms
52ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG_loxGDhNitZ3PlfvxS6u4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqjnwEQk8qfARiqxZ-yATAB&v=APEucNWDUBs5tjcMp-zxVD5Hq7qVdIQLZxkyE-_hZ0k-36vLz8Ko-M68vFMoAg3pWijxgU8-uLV7YhI-3_v4OqaB3unoqdE7WrvBXpj0f9pH8WKvs3lqMc02PHAF0R20a-F64_dhl8g07fIkFPBlthKTGj9tWjrBU4V2r_AmlnJo8WUFhnBdN-4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
X-Proxy-Origin: 185.236.42.205; 185.236.42.205; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: af380c29-a237-4b9e-a743-bb898feb09c7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG_loxGDhNitZ3PlfvxS6u4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D733
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA4MjMwNzk4ODk0NTQ4MDI5Ng%3D%3D

170 B
188 B

67ms
66ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA4MjMwNzk4ODk0NTQ4MDI5Ng%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
X-Proxy-Origin: 185.236.42.205; 185.236.42.205; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: faffc9f9-7331-43e4-9ece-bcbc1d157bd5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA4MjMwNzk4ODk0NTQ4MDI5Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 2436
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4PvW2lJhw6AypXQV1mCP53tc09nU3yHReIc94_MLpuJzjahD-PNtE3Hj...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4PvW2lJhw6AypXQV1mCP53tc09nU3yHReIc94_MLpuJzjahD-PNtE3HjkPQgVNUwPFSHRyt71j8MUytKD...

59 KB
20 KB

197ms
81ms

Script
text/javascript

74.125.140.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4PvW2lJhw6AypXQV1mCP53tc09nU3yHReIc94_MLpuJzjahD-PNtE3HjkPQgVNUwPFSHRyt71j8MUytKD5dlDqc085AOMyyTPShrM9K1Yo7q-g7ecdE4mbhXNCNlCDVLeetLuimI3zvxH7-dxLOT94SAulbtEqkSAKAmf-BbjUPRmi8p99lyTH7KJfoq1RIF0Ci1Ix4O0n8tfzu0AEEQmTCuuBudLOl2oloQ3SooBuTL8CtztAO1x4dP9h_hvpB8viZl8n_xP86Kv1wHGlH4cqzCGumjF6hS9GLO53KV1MiDT_QxHrsgd7IVMoYMgMkCgjJEe1YY9JcXlg9ysew3C9DfkHkjZaVwxHY2n5KxSQ3Y5-rXHcNgJze-Z1b7UC6E_XdY-LI2lhX1xXyWBdVqTCtg-g-AHqrMoQSsWBbDdZHl7-9su1NtcfYKMZbM2HXt6FEozwntfN5QXaNU6pe0bFNSs_odcI_NtDrnsmqY1SsWsa2xdeH_YKC5Pke3Du6By-V23KrqZ9t3F5R0hyKIcgMkaKoXxJ4Ueql_fEPtXxKyKOBLPiDARz8hnrFiPLYWQe9tRWWtlliZ1zo4d0lK9AYZpqAM-_Rn40vpgQGRUC6WAODRLXYc0o6MzAiDPvyYVF4e_WfUnmsTE2a9HVKOKTLa6LQLC4aArg9-whqa59FMxsSHxSvzDI9W8AuNg65vBsUZxPe6gW5IfxEzjjZ6auEzGdy7GFzCktStWS9iNpeld4pN1szd-Js2V9ClBofrjLknIVHU8P7eBtmgpon9rjue87eRaDUKUHdBOT0-8UWbWjDN4W6rY6gtoCzO7nbHmSpri-TxpFJXDM8owVG7L0Ko44rieFgdbDKVTR6y3hX4fTclEngIG4XrlnVfSJBLcE9ZRTTaWqggvse_4lHHNTO7ywoWyxQB2tmYlfzxn7kGam8RTIDOqUwSRHiZy1OIWt2agLcAX0HzrPTQ_68F5YLvo1ydlvXIFLUd_mOX0Sc_H2qBYGag3xiWCXhrRSK2nSD_IWPZxMjIMHZj8Jh3GCKYM4Wt_n5JxTWf43ribT690j8pHJanPCq0UqHB7CqPt4fAM26WfM74tup7ow_RYyQKhkXI9MSZLcxYhY_IVnGtjM_cgeNxmenN5V5G-mHtRq_UQ6tyaPvjDBtYci3NJeBz5C3s8YXseeoMBZvPSFb1apftew33CL0PuF-gYeGgMzXB2pPkBQy-fsbQG26GtSqM0GZ-ms46FaDOXbGGh3KqXmFcNcOGoPSzSl5OXF39Bl4UB1cpEzV21_WZIgGuBZ2FKyxN5YLq0IL6dSujctbkjKKYdDYoJd9rrv3Wi7IKDMmyJCkkD0IZVCG3FyZerXyw2MfnhSG5dkwtgh0dzg6naXFwkg_OuIpx0btNWKToRTV2eb0FYbvwJVQ6_UbSXAEosirOTI9zRYW3LoLXR1NUrzqp6SnrsEiiqJ2gxSZFDIp1ajFwlYW2O_8Bvov9z5Z9PpN1WfgP6i62bwUmozMta4WUdlZ1xQ_aIXv0Z4frCjMHa-BcUAy_-ZuKhizvdRe0PcGmeTcPD7lIOBfsF9K7lu8CrhSJVnirajK4Gh2AFUYsH0zPXbEuCsngONt38fmS0ls5XBsG5CtltL8GM03qSKQvVRsRFOxfBExCWUCvqKl8neRHygZsZbRXXY1o8s6BFilVlkxMME9yvj75NhLuu3lWqTzzSO8OOLUFtjcUQ_PD386-EF4rpMH6zczMT-jO5iDx_LFWCtiEdHf4YhpICRdoQ-cNK0uxvPmUo57QSZvcfYInVKqzeGn9zIsCKs98ZXgXNW1Ga_imMrbV54LnWSWsTm-2HMjsJiekmXBDEJCO3L1f9o5jeWv-SbwK2s9aCwJYOz9b3bdHoaw3wfGNporCNcpdgkRhAR7spJwLYQKZrXnA_w6KDPEG1DsRCAUm-EpDRoHH1XQULLGCnXglwhYw92IV_9QNEO-EA_AqUU1z7iLoxKc25K0sPWKyu0BcWrLJhUFiWzgBbmws6U1w6ZAafiA31UqjbgjFmdkoppndfjrIEgzxyhU88KjTragIR0Bmg2pRTrjXTuroOqiiLdqP2HkzolNs8QJJjeOPqK0L3NdoexFbBBsrmDq-D29wjcFEmGfSTA4KIa3smstTpG5sr3FV3hZ8aHupL9fw65cw1vkV6G3TM8-KjpJDJwQkErD8oV7vriE85o0LxEBgjkWCNRK4enK7LKiQn6QX5FWFMs-_ulMUwcpHAE0_B9ed-JJChkpAeyDbcFR2x7NwkEROHoYBcM5WvkmEp3IXSfeZW-nwnkJwDp2ZSx_g40bkWR3TTW2_6dk7EC3D5nXYsrRSmoMBenv5XTKsdP8SHLV2FFlRCLXAgG6Bi40qHPpY-1XYeNQk4VkeiGX7ep1ET5GF5tODpxv_oKzBqonCmCZioB2TdkSek4hTt7op-ueDMY9rDOsWTsd0lQhBlEZgyOB23nfJYaQl2imWnvChS-jp2eKv9Sua67f57Jk5gP1FS5ZqkLhZ6m5imdEeG4X26VfurM2iTwLMnFTWfFVtquq2R_OPmQ4WT5Wemfz_P-LRqSdF6S2rYvM47gBYZfi7B8ECTCAH9Oc_kslWb3hh7ORUiS23hQuPWxxkowyxlTnCdXBr-QXWaYqvr5wnzs755UgsVdvn5hyw4Df4BmEdkgwpLUD8Ktf_M2kr8jS-XPar3CQYf9wqqtiCHodJ9P_umpCmnbicOFfSiBZp_XnW6Lk03iHqpz4UK30hWgciQflTrwTG-gDsnNgqZqMwokxiP1NYCTS-U6Xb9BhZdFnB4cze_DPaYHyVdQbuxXw6LXol-QExkcydLEIUzVf0Q5ITGmQN0P3a9Ra7c-weyBB8ZlcsTzeCwNF5z_s3dl6WvSccTCW-6fUTAq76c08E4ccyHHLhm-sHwFeBySz5aCctMedygoiWyIWGhI8kyQt-pCcqtbYUAhrbfyqot08_5aajLYBsUVteaeZvlMAeSL1J2INXMdSGTLM_W97NGfdO9krPJDqN-MT0QZrmid5iKcIRcqswoejR_yLbXlGXM4WTO8yv1dzxqkCHtSCfc_I6jt8D7jNQ6dWsS3myvOFa83zZAdbCVURgEseNLIJQ1Un6rkUzPGoZ3mPMXPfVjVJ1RhIvUxuu0yAS-xZpDzIUShduJ_lftbKFhMT7B_yt2ShhfwLrDLTDvEdXmZjG0IE9MBmWAS5eH9bvheDEoM-21uCreyhD0Q-Uhpf7zmVpFln4PyyhHZBGF0TYkyyz3WxiCloaGQgAEhXkaJk-raiysc5Wcsjfv-s-vg0P-9pgAQ

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f155.1e100.net

Software

cafe /

Resource Hash

2feb08ef4da323ce4101347997ccf881d4bd6c6a2a28d78deadd7f27a745cbcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19528
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4PvW2lJhw6AypXQV1mCP53tc09nU3yHReIc94_MLpuJzjahD-PNtE3HjkPQgVNUwPFSHRyt71j8MUytKD5dlDqc085AOMyyTPShrM9K1Yo7q-g7ecdE4mbhXNCNlCDVLeetLuimI3zvxH7-dxLOT94SAulbtEqkSAKAmf-BbjUPRmi8p99lyTH7KJfoq1RIF0Ci1Ix4O0n8tfzu0AEEQmTCuuBudLOl2oloQ3SooBuTL8CtztAO1x4dP9h_hvpB8viZl8n_xP86Kv1wHGlH4cqzCGumjF6hS9GLO53KV1MiDT_QxHrsgd7IVMoYMgMkCgjJEe1YY9JcXlg9ysew3C9DfkHkjZaVwxHY2n5KxSQ3Y5-rXHcNgJze-Z1b7UC6E_XdY-LI2lhX1xXyWBdVqTCtg-g-AHqrMoQSsWBbDdZHl7-9su1NtcfYKMZbM2HXt6FEozwntfN5QXaNU6pe0bFNSs_odcI_NtDrnsmqY1SsWsa2xdeH_YKC5Pke3Du6By-V23KrqZ9t3F5R0hyKIcgMkaKoXxJ4Ueql_fEPtXxKyKOBLPiDARz8hnrFiPLYWQe9tRWWtlliZ1zo4d0lK9AYZpqAM-_Rn40vpgQGRUC6WAODRLXYc0o6MzAiDPvyYVF4e_WfUnmsTE2a9HVKOKTLa6LQLC4aArg9-whqa59FMxsSHxSvzDI9W8AuNg65vBsUZxPe6gW5IfxEzjjZ6auEzGdy7GFzCktStWS9iNpeld4pN1szd-Js2V9ClBofrjLknIVHU8P7eBtmgpon9rjue87eRaDUKUHdBOT0-8UWbWjDN4W6rY6gtoCzO7nbHmSpri-TxpFJXDM8owVG7L0Ko44rieFgdbDKVTR6y3hX4fTclEngIG4XrlnVfSJBLcE9ZRTTaWqggvse_4lHHNTO7ywoWyxQB2tmYlfzxn7kGam8RTIDOqUwSRHiZy1OIWt2agLcAX0HzrPTQ_68F5YLvo1ydlvXIFLUd_mOX0Sc_H2qBYGag3xiWCXhrRSK2nSD_IWPZxMjIMHZj8Jh3GCKYM4Wt_n5JxTWf43ribT690j8pHJanPCq0UqHB7CqPt4fAM26WfM74tup7ow_RYyQKhkXI9MSZLcxYhY_IVnGtjM_cgeNxmenN5V5G-mHtRq_UQ6tyaPvjDBtYci3NJeBz5C3s8YXseeoMBZvPSFb1apftew33CL0PuF-gYeGgMzXB2pPkBQy-fsbQG26GtSqM0GZ-ms46FaDOXbGGh3KqXmFcNcOGoPSzSl5OXF39Bl4UB1cpEzV21_WZIgGuBZ2FKyxN5YLq0IL6dSujctbkjKKYdDYoJd9rrv3Wi7IKDMmyJCkkD0IZVCG3FyZerXyw2MfnhSG5dkwtgh0dzg6naXFwkg_OuIpx0btNWKToRTV2eb0FYbvwJVQ6_UbSXAEosirOTI9zRYW3LoLXR1NUrzqp6SnrsEiiqJ2gxSZFDIp1ajFwlYW2O_8Bvov9z5Z9PpN1WfgP6i62bwUmozMta4WUdlZ1xQ_aIXv0Z4frCjMHa-BcUAy_-ZuKhizvdRe0PcGmeTcPD7lIOBfsF9K7lu8CrhSJVnirajK4Gh2AFUYsH0zPXbEuCsngONt38fmS0ls5XBsG5CtltL8GM03qSKQvVRsRFOxfBExCWUCvqKl8neRHygZsZbRXXY1o8s6BFilVlkxMME9yvj75NhLuu3lWqTzzSO8OOLUFtjcUQ_PD386-EF4rpMH6zczMT-jO5iDx_LFWCtiEdHf4YhpICRdoQ-cNK0uxvPmUo57QSZvcfYInVKqzeGn9zIsCKs98ZXgXNW1Ga_imMrbV54LnWSWsTm-2HMjsJiekmXBDEJCO3L1f9o5jeWv-SbwK2s9aCwJYOz9b3bdHoaw3wfGNporCNcpdgkRhAR7spJwLYQKZrXnA_w6KDPEG1DsRCAUm-EpDRoHH1XQULLGCnXglwhYw92IV_9QNEO-EA_AqUU1z7iLoxKc25K0sPWKyu0BcWrLJhUFiWzgBbmws6U1w6ZAafiA31UqjbgjFmdkoppndfjrIEgzxyhU88KjTragIR0Bmg2pRTrjXTuroOqiiLdqP2HkzolNs8QJJjeOPqK0L3NdoexFbBBsrmDq-D29wjcFEmGfSTA4KIa3smstTpG5sr3FV3hZ8aHupL9fw65cw1vkV6G3TM8-KjpJDJwQkErD8oV7vriE85o0LxEBgjkWCNRK4enK7LKiQn6QX5FWFMs-_ulMUwcpHAE0_B9ed-JJChkpAeyDbcFR2x7NwkEROHoYBcM5WvkmEp3IXSfeZW-nwnkJwDp2ZSx_g40bkWR3TTW2_6dk7EC3D5nXYsrRSmoMBenv5XTKsdP8SHLV2FFlRCLXAgG6Bi40qHPpY-1XYeNQk4VkeiGX7ep1ET5GF5tODpxv_oKzBqonCmCZioB2TdkSek4hTt7op-ueDMY9rDOsWTsd0lQhBlEZgyOB23nfJYaQl2imWnvChS-jp2eKv9Sua67f57Jk5gP1FS5ZqkLhZ6m5imdEeG4X26VfurM2iTwLMnFTWfFVtquq2R_OPmQ4WT5Wemfz_P-LRqSdF6S2rYvM47gBYZfi7B8ECTCAH9Oc_kslWb3hh7ORUiS23hQuPWxxkowyxlTnCdXBr-QXWaYqvr5wnzs755UgsVdvn5hyw4Df4BmEdkgwpLUD8Ktf_M2kr8jS-XPar3CQYf9wqqtiCHodJ9P_umpCmnbicOFfSiBZp_XnW6Lk03iHqpz4UK30hWgciQflTrwTG-gDsnNgqZqMwokxiP1NYCTS-U6Xb9BhZdFnB4cze_DPaYHyVdQbuxXw6LXol-QExkcydLEIUzVf0Q5ITGmQN0P3a9Ra7c-weyBB8ZlcsTzeCwNF5z_s3dl6WvSccTCW-6fUTAq76c08E4ccyHHLhm-sHwFeBySz5aCctMedygoiWyIWGhI8kyQt-pCcqtbYUAhrbfyqot08_5aajLYBsUVteaeZvlMAeSL1J2INXMdSGTLM_W97NGfdO9krPJDqN-MT0QZrmid5iKcIRcqswoejR_yLbXlGXM4WTO8yv1dzxqkCHtSCfc_I6jt8D7jNQ6dWsS3myvOFa83zZAdbCVURgEseNLIJQ1Un6rkUzPGoZ3mPMXPfVjVJ1RhIvUxuu0yAS-xZpDzIUShduJ_lftbKFhMT7B_yt2ShhfwLrDLTDvEdXmZjG0IE9MBmWAS5eH9bvheDEoM-21uCreyhD0Q-Uhpf7zmVpFln4PyyhHZBGF0TYkyyz3WxiCloaGQgAEhXkaJk-raiysc5Wcsjfv-s-vg0P-9pgAQ
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 198B 80 KB
21 KB 234ms
100ms Script
application/javascript 54.76.195.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-222.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:57 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 86FA 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 16:30:42 GMT
x-content-type-options: nosniff
age: 575835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 16:30:42 GMT

GET
H3-29 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 86FA 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:42:10 GMT
x-content-type-options: nosniff
age: 593147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 11:42:10 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 1EF1
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm2hVcckEP7QiMqqHTTq3RK5hTi...

59 KB
19 KB

184ms
108ms

Script
text/javascript

74.125.140.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm2hVcckEP7QiMqqHTTq3RK5hTikw-qLa-ZslLE1LUSb3eWK-h4uGYuvfvI1JHYvvC0j4fdIjOQ050sDxYdJW0RXbgTwAjMXr-Bud6EqkSAKAmf-C-gzsBp_oWTqtczCNQqqk-Nwpai-RgbGm2sAl8yO0pdKfsZO-m760Z6K7X3M3xkkMubgwBV-6PJP-L_kzZHzQ370-NEP13CyscRejIUqDQ4w_cTMP0IA627A9ILQADu2blhTRzOUvqcDNRWJsPWXoy3CiD3GLYb9FAcD_Zo3WDWEaarljpfNcCrE3DLiG5oXPz7Ug_L87UcqmbVvjlMe6Jx3zx_mg_gL_WYeeVFe9oNZzAZ6VNqbAPIagzAwCRuE3VN9Yoh2l8J28wdH8dbrG8EdRWOsAEBu-vkvQgLheO1ZGwWxVSkBcm1Vbo3xdW9Y0DW7Ik6_1gSL4RfI4jgR7Es8W_dDY4k913xiOUtvl5_K2X31jOUr89y1YBhMu_LvAjtwyuaU-cGJPJ2lnxAg-JSYcPvNaWR6qhyvQMJgUfbhlnAGCIs_UwVflq2hFVe1Dgkfyp8UHsazYDnL5YDiln6xvObhmTWUQ0n7SMShFNUwpgI0DS4s4JE6Fl1Rt5KUAl97NqN5CP4aSVLU5FoXznApNk4v4lzWltWgR6HhTARsbyqAbYgSeZqMLgzEF6KarnNQbIMQvl77pnym1Vmm4--X068L2DnDH-amZWumR_Co05tBzE2RpsExLPfO7gULvuKNw7X-ffmfmsagfv7FnAZSt4zqPT_udM9Mrb7drrOVB1Ts2haPgrOPa4ZsFO0ITcS2aFxVCB33sYwiXLncBQSLzHdf-XlZ13EK0nl0gDSPjKQtek96bXmuElOv4mIZaHaiiShSvuaPJEUXdc9VgVP3edcnnDE_-WmKWqmCM3HsbCX7yqJu0z_tFL2VWJdzqUvSL6FOigTJlMqSimMHtmJ7aLYor8FuiYiyA-0lOnyWYeIfgnDPmtq0gDPgG7h75FcwnBSMkdfBphNYXCNpRqM6WadJl6Z5inDGuGQds5HkCKRC2g5D97qfL1PLXphokLpppOfFs9S8PhGD0IXPIGAs7XAekE-pfIgynidePmZZAERo6O47ZDX1OX5vhc3Tur7YIMtQ-DS1oBuO-aX9DvFkOlhmjbjAdUKyKK-YuLP7DGbHVd8IsMRBqoFcdyC3E6OHr7E13Bbiz06x0VgxGMkanctaEXxnmlrkwDmEfyzmEgP_Ce_m3EuaeNlEjejFpL2TyeVRlF0iq7LNATMDt_zEok2-GGcXXZXZx9p5qImw4iF0klGjOt5BUTgT-6Km-7avNUGQpmUBYB_OKwiQPAkYPh4ORS_mMJVTMh-0u0t0tW7rVuoEIJVfvxGkojYzwnStjRk2VrqtNmVRenowsP5qL93-zuzfBkCY_r2jWfZYXKOesf3ZD_0xEKCBAAERVPKU7qqIIJqO1u5XfR2__TJpUvkRJEcE6X8OsWQHoU_sRfWF3Z9vCwAasV8BVPdUJ3kjlME-lofvRDa_V2VvDFCwa6nueIxdN25ufKFXYt1zJvjfSTIIPWYTCNUF0NxemnOEuEV-h-y9qV6GCCzoUivFkZPlKUPLrSo-h2RRgb1b7_pyf5-9QMejRX5m4G8gORDXNPWFfaFDVqaWOv6AsNdiKFWhATEyaPM-lHCNyfX8gK_vhxzj-hGyiwDZyYoQcd-1N19ZYsE7KP4Xgktqbc5v2IZoXToEGXqEXf-xcXdqcAR92JqUo7WAVfJIGCeuR6gjxtSqASpp9y3v2Rg9jg_6NmbC7RUZVZAK2whfnttCIt4woS7DELhQMhyp22w_A8ZPnvRF0q3WYR9Qn6xr6lGru7unTM95ZUxmou9gSdW278HCF_Pv14ec9nMeo3BBv1PcdAnOm9QLY2Yx0MBL5f_MtMaSrFWbssNvqPyNOKCDTHXaLSfUV6qdQSweQQIPOG9mDPN1bAKFS7TMksfJkvdq2fBzxVDygMqd1uI0gjlJjQ77QzKDEnaLofGEBRQ0-HV4YCC5gPAcj2JtHjCcPp1T7EucDzfC0ghq7qGY4buY-VD-T76QVoMkMxZSuKwHdho_-r8KkCbQDWh6zreE-vCgYo-UmbFqkvmzsSZTQYHwvClh5amUnMijXLRuu7KyVXO8pl0x_KqVVlGVYZg2u938YeJaQ_xB0pVrVWCVfrBRJgJ6WqLFthgqDUORZ5OV9YbRNin-WuRlkW0-vTSxD9FbrL7UofOqKgEh23v8VNdXL_r_CF2TiE6em05riIPJZ4wja5wYkfZ60dGKeEj_1emaWM99PurVeneCKO7pke2Cj07Th6MRIO6J2REMncoZM5DF8s4C-uv7oKPWRCC8iH4lBuIsfF5kspYGwpGj_rYj9r2M6FxnEB5yXpQSPJKIIg1vkYRskgSifQLQRSyjfc320-eGtF_C7-p0ZlkWMTV5Q6Vcdktju8mhh1Noz-fwUD41ALaA5lJN9B_u1Vu3wJRLyL5jN0skwjtvhj2MkUp2PT-GcMtKzs71PhLVJs4_Vpbp1mrbh52HbfmRV6Ypq4REwhFXc6jOeqxYx1K2TgPhVaqW-5DiIrS4vMMb-JlkQTJT_c1oqak0SNDF_IeWLDVE-1bSM9Vt6OjBgGVQFYCqEh6SS85gBDYNU3f1k63ZZLEZtbR5dtWl3JoWsggCwh4bEKNLYHFHjq44EFQDdgI04vUo7oEZF35NxQcVtP2dlKgDFQ99mKLM-oRK3JV4PwNq1Z-2ylv2kyiqx5BfW-iPtcjTPadQphOEbe8cqy1rmSk2JqlSpuNaUXOxbq3ed_3vIWELdiGHgZwPQgDGYlkH7aWOPniXWy6ylIrjAJ8Xi-RDV8a-W8v5p6m6b99r1YJXt-U_FAEgXlyqUAWO5ej6aPHpBAXi15oX_qui5PmjoH6uDfcKrn78uJXoibR1fYYC859kSROdxdtrf5isDFa0kFxWqOxLwE7SOnp6VcHahHsth9T9R0n5K0fLu4euIrBcEms0_FwtHgaUBWMiU5FPPje9EmfsUntNzEp2hLgdZ92hEcxoDQyj_C-12lCiX6IcyglBvGx2sg2l8N8LAu1HbMCIWqiSU7dnyYbU9t4atrqPxtNi7vLH5WJQYBNJuXlTF9JMg4mUw6KlT0P3W8jxdbG04672Eo9qCf7QYcCgZs3wqgfW74hMIS7wwdBCIRPzeasjtATL_68V59CQ-DZM7-tHsaGQgAEhXkaI8HwIUuRcGTqR2GnXScPg_K8eZgAQ

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f155.1e100.net

Software

cafe /

Resource Hash

557922e7c1394227887567b4b11d2271c7041d8c2b9ec8326fc6067d050e9f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19533
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
x-server-name: app23.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm2hVcckEP7QiMqqHTTq3RK5hTikw-qLa-ZslLE1LUSb3eWK-h4uGYuvfvI1JHYvvC0j4fdIjOQ050sDxYdJW0RXbgTwAjMXr-Bud6EqkSAKAmf-C-gzsBp_oWTqtczCNQqqk-Nwpai-RgbGm2sAl8yO0pdKfsZO-m760Z6K7X3M3xkkMubgwBV-6PJP-L_kzZHzQ370-NEP13CyscRejIUqDQ4w_cTMP0IA627A9ILQADu2blhTRzOUvqcDNRWJsPWXoy3CiD3GLYb9FAcD_Zo3WDWEaarljpfNcCrE3DLiG5oXPz7Ug_L87UcqmbVvjlMe6Jx3zx_mg_gL_WYeeVFe9oNZzAZ6VNqbAPIagzAwCRuE3VN9Yoh2l8J28wdH8dbrG8EdRWOsAEBu-vkvQgLheO1ZGwWxVSkBcm1Vbo3xdW9Y0DW7Ik6_1gSL4RfI4jgR7Es8W_dDY4k913xiOUtvl5_K2X31jOUr89y1YBhMu_LvAjtwyuaU-cGJPJ2lnxAg-JSYcPvNaWR6qhyvQMJgUfbhlnAGCIs_UwVflq2hFVe1Dgkfyp8UHsazYDnL5YDiln6xvObhmTWUQ0n7SMShFNUwpgI0DS4s4JE6Fl1Rt5KUAl97NqN5CP4aSVLU5FoXznApNk4v4lzWltWgR6HhTARsbyqAbYgSeZqMLgzEF6KarnNQbIMQvl77pnym1Vmm4--X068L2DnDH-amZWumR_Co05tBzE2RpsExLPfO7gULvuKNw7X-ffmfmsagfv7FnAZSt4zqPT_udM9Mrb7drrOVB1Ts2haPgrOPa4ZsFO0ITcS2aFxVCB33sYwiXLncBQSLzHdf-XlZ13EK0nl0gDSPjKQtek96bXmuElOv4mIZaHaiiShSvuaPJEUXdc9VgVP3edcnnDE_-WmKWqmCM3HsbCX7yqJu0z_tFL2VWJdzqUvSL6FOigTJlMqSimMHtmJ7aLYor8FuiYiyA-0lOnyWYeIfgnDPmtq0gDPgG7h75FcwnBSMkdfBphNYXCNpRqM6WadJl6Z5inDGuGQds5HkCKRC2g5D97qfL1PLXphokLpppOfFs9S8PhGD0IXPIGAs7XAekE-pfIgynidePmZZAERo6O47ZDX1OX5vhc3Tur7YIMtQ-DS1oBuO-aX9DvFkOlhmjbjAdUKyKK-YuLP7DGbHVd8IsMRBqoFcdyC3E6OHr7E13Bbiz06x0VgxGMkanctaEXxnmlrkwDmEfyzmEgP_Ce_m3EuaeNlEjejFpL2TyeVRlF0iq7LNATMDt_zEok2-GGcXXZXZx9p5qImw4iF0klGjOt5BUTgT-6Km-7avNUGQpmUBYB_OKwiQPAkYPh4ORS_mMJVTMh-0u0t0tW7rVuoEIJVfvxGkojYzwnStjRk2VrqtNmVRenowsP5qL93-zuzfBkCY_r2jWfZYXKOesf3ZD_0xEKCBAAERVPKU7qqIIJqO1u5XfR2__TJpUvkRJEcE6X8OsWQHoU_sRfWF3Z9vCwAasV8BVPdUJ3kjlME-lofvRDa_V2VvDFCwa6nueIxdN25ufKFXYt1zJvjfSTIIPWYTCNUF0NxemnOEuEV-h-y9qV6GCCzoUivFkZPlKUPLrSo-h2RRgb1b7_pyf5-9QMejRX5m4G8gORDXNPWFfaFDVqaWOv6AsNdiKFWhATEyaPM-lHCNyfX8gK_vhxzj-hGyiwDZyYoQcd-1N19ZYsE7KP4Xgktqbc5v2IZoXToEGXqEXf-xcXdqcAR92JqUo7WAVfJIGCeuR6gjxtSqASpp9y3v2Rg9jg_6NmbC7RUZVZAK2whfnttCIt4woS7DELhQMhyp22w_A8ZPnvRF0q3WYR9Qn6xr6lGru7unTM95ZUxmou9gSdW278HCF_Pv14ec9nMeo3BBv1PcdAnOm9QLY2Yx0MBL5f_MtMaSrFWbssNvqPyNOKCDTHXaLSfUV6qdQSweQQIPOG9mDPN1bAKFS7TMksfJkvdq2fBzxVDygMqd1uI0gjlJjQ77QzKDEnaLofGEBRQ0-HV4YCC5gPAcj2JtHjCcPp1T7EucDzfC0ghq7qGY4buY-VD-T76QVoMkMxZSuKwHdho_-r8KkCbQDWh6zreE-vCgYo-UmbFqkvmzsSZTQYHwvClh5amUnMijXLRuu7KyVXO8pl0x_KqVVlGVYZg2u938YeJaQ_xB0pVrVWCVfrBRJgJ6WqLFthgqDUORZ5OV9YbRNin-WuRlkW0-vTSxD9FbrL7UofOqKgEh23v8VNdXL_r_CF2TiE6em05riIPJZ4wja5wYkfZ60dGKeEj_1emaWM99PurVeneCKO7pke2Cj07Th6MRIO6J2REMncoZM5DF8s4C-uv7oKPWRCC8iH4lBuIsfF5kspYGwpGj_rYj9r2M6FxnEB5yXpQSPJKIIg1vkYRskgSifQLQRSyjfc320-eGtF_C7-p0ZlkWMTV5Q6Vcdktju8mhh1Noz-fwUD41ALaA5lJN9B_u1Vu3wJRLyL5jN0skwjtvhj2MkUp2PT-GcMtKzs71PhLVJs4_Vpbp1mrbh52HbfmRV6Ypq4REwhFXc6jOeqxYx1K2TgPhVaqW-5DiIrS4vMMb-JlkQTJT_c1oqak0SNDF_IeWLDVE-1bSM9Vt6OjBgGVQFYCqEh6SS85gBDYNU3f1k63ZZLEZtbR5dtWl3JoWsggCwh4bEKNLYHFHjq44EFQDdgI04vUo7oEZF35NxQcVtP2dlKgDFQ99mKLM-oRK3JV4PwNq1Z-2ylv2kyiqx5BfW-iPtcjTPadQphOEbe8cqy1rmSk2JqlSpuNaUXOxbq3ed_3vIWELdiGHgZwPQgDGYlkH7aWOPniXWy6ylIrjAJ8Xi-RDV8a-W8v5p6m6b99r1YJXt-U_FAEgXlyqUAWO5ej6aPHpBAXi15oX_qui5PmjoH6uDfcKrn78uJXoibR1fYYC859kSROdxdtrf5isDFa0kFxWqOxLwE7SOnp6VcHahHsth9T9R0n5K0fLu4euIrBcEms0_FwtHgaUBWMiU5FPPje9EmfsUntNzEp2hLgdZ92hEcxoDQyj_C-12lCiX6IcyglBvGx2sg2l8N8LAu1HbMCIWqiSU7dnyYbU9t4atrqPxtNi7vLH5WJQYBNJuXlTF9JMg4mUw6KlT0P3W8jxdbG04672Eo9qCf7QYcCgZs3wqgfW74hMIS7wwdBCIRPzeasjtATL_68V59CQ-DZM7-tHsaGQgAEhXkaI8HwIUuRcGTqR2GnXScPg_K8eZgAQ
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame E3E6 80 KB
21 KB 161ms
116ms Script
application/javascript 54.76.195.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-222.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:57 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D73 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:08:26 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 2436 43 B
301 B 382ms
121ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=791812&asId=6e79a47e-b8d3-530c-fd13-d58616e08b2b&tv=%7Bc:mRkb6X,pingTime:-2,time:148,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:723,beZ:725,mfA:727,cmA:728,inA:729,inZ:733,prA:733,prZ:742,si:750,poA:752,poZ:767,cmZ:767,mfZ:767,loA:805,loZ:807,ltA:871,ltZ:872%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:true,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:148,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B141~1%5D,as:%5B141~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sHEtR6T+11%7C12%7C13%7C141%7C142%7C15*.791812-56413830%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,sinceFw:120,readyFired:false%7D&br=u
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
X-Server-Name: dt31.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1EF1 43 B
301 B 399ms
131ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=791812&asId=9357ac0a-5fca-b60c-45ed-cd30377541e8&tv=%7Bc:mRkb7d,pingTime:-2,time:78,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:844,beZ:845,mfA:846,cmA:848,inA:849,inZ:854,prA:854,prZ:863,si:872,poA:873,poZ:889,cmZ:889,mfZ:889,loA:908,loZ:911,ltA:921,ltZ:921%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:true,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:300,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:78,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~1%5D,as:%5B70~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sHEtR6T+11%7C12%7C13%7C14*.791812-56413830%7C141%7C142%7C15.791812-56413830%7C151%7C152%7C153%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,sinceFw:48,readyFired:false%7D&br=u
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5359 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:08:26 GMT

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 090A 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:08:26 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-24EL5B93N8&gtm=2oe8p0&_p=1003469083&sr=1600x1200&ul=en-us&cid=1065341481.1630398472&_s=2&dl=https%3A%2F%2Fwww.24h.com.vn%2F&dt=Tin%20t%E1%BB%A9c%20b%C3%B3ng%20%C4%91%C3%A1%2C%20th%E1%BB%83%20thao%2C%20gi%E1%BA%A3i%20tr%C3%AD%20%7C%20%C4%90%E1%BB%8Dc%20tin%20t%E1%BB%A9c%2024h%20m%E1%BB%9Bi%20nh%E1%BA%A5t&sid=1630398472&sct=1&seg=0&en=content_group&_et=4&ep.pageType_24h=Home&ep.pageEmbed_24h=None&ep.pagePlatform_24h=desktop&ep.pageCategory_24h=home&ep.categoryId_24h=45&ep.pageContentGroup_24h=null&ep.articleTopics_24h=None&ep.articleSubTopics_24h=None&ep.gauID24h_24h=None&ep.sub_categoryId_24h=None&ep.sub_pageCategory_24h=None
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24EL5B93N8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.24h.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 2436 169 KB
59 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 12:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 12:38:11 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/ Frame 2436 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4PvW2lJhw6AypXQV1mCP53tc09nU3yHReIc94_MLpuJzjahD-PNtE3HjkPQgVNUwPFSHRyt71j8MUytKD5dlDqc085AOMyyTPShrM9K1Yo7q-g7ecdE4mbhXNCNlCDVLeetLuimI3zvxH7-dxLOT94SAulbtEqkSAKAmf-BbjUPRmi8p99lyTH7KJfoq1RIF0Ci1Ix4O0n8tfzu0AEEQmTCuuBudLOl2oloQ3SooBuTL8CtztAO1x4dP9h_hvpB8viZl8n_xP86Kv1wHGlH4cqzCGumjF6hS9GLO53KV1MiDT_QxHrsgd7IVMoYMgMkCgjJEe1YY9JcXlg9ysew3C9DfkHkjZaVwxHY2n5KxSQ3Y5-rXHcNgJze-Z1b7UC6E_XdY-LI2lhX1xXyWBdVqTCtg-g-AHqrMoQSsWBbDdZHl7-9su1NtcfYKMZbM2HXt6FEozwntfN5QXaNU6pe0bFNSs_odcI_NtDrnsmqY1SsWsa2xdeH_YKC5Pke3Du6By-V23KrqZ9t3F5R0hyKIcgMkaKoXxJ4Ueql_fEPtXxKyKOBLPiDARz8hnrFiPLYWQe9tRWWtlliZ1zo4d0lK9AYZpqAM-_Rn40vpgQGRUC6WAODRLXYc0o6MzAiDPvyYVF4e_WfUnmsTE2a9HVKOKTLa6LQLC4aArg9-whqa59FMxsSHxSvzDI9W8AuNg65vBsUZxPe6gW5IfxEzjjZ6auEzGdy7GFzCktStWS9iNpeld4pN1szd-Js2V9ClBofrjLknIVHU8P7eBtmgpon9rjue87eRaDUKUHdBOT0-8UWbWjDN4W6rY6gtoCzO7nbHmSpri-TxpFJXDM8owVG7L0Ko44rieFgdbDKVTR6y3hX4fTclEngIG4XrlnVfSJBLcE9ZRTTaWqggvse_4lHHNTO7ywoWyxQB2tmYlfzxn7kGam8RTIDOqUwSRHiZy1OIWt2agLcAX0HzrPTQ_68F5YLvo1ydlvXIFLUd_mOX0Sc_H2qBYGag3xiWCXhrRSK2nSD_IWPZxMjIMHZj8Jh3GCKYM4Wt_n5JxTWf43ribT690j8pHJanPCq0UqHB7CqPt4fAM26WfM74tup7ow_RYyQKhkXI9MSZLcxYhY_IVnGtjM_cgeNxmenN5V5G-mHtRq_UQ6tyaPvjDBtYci3NJeBz5C3s8YXseeoMBZvPSFb1apftew33CL0PuF-gYeGgMzXB2pPkBQy-fsbQG26GtSqM0GZ-ms46FaDOXbGGh3KqXmFcNcOGoPSzSl5OXF39Bl4UB1cpEzV21_WZIgGuBZ2FKyxN5YLq0IL6dSujctbkjKKYdDYoJd9rrv3Wi7IKDMmyJCkkD0IZVCG3FyZerXyw2MfnhSG5dkwtgh0dzg6naXFwkg_OuIpx0btNWKToRTV2eb0FYbvwJVQ6_UbSXAEosirOTI9zRYW3LoLXR1NUrzqp6SnrsEiiqJ2gxSZFDIp1ajFwlYW2O_8Bvov9z5Z9PpN1WfgP6i62bwUmozMta4WUdlZ1xQ_aIXv0Z4frCjMHa-BcUAy_-ZuKhizvdRe0PcGmeTcPD7lIOBfsF9K7lu8CrhSJVnirajK4Gh2AFUYsH0zPXbEuCsngONt38fmS0ls5XBsG5CtltL8GM03qSKQvVRsRFOxfBExCWUCvqKl8neRHygZsZbRXXY1o8s6BFilVlkxMME9yvj75NhLuu3lWqTzzSO8OOLUFtjcUQ_PD386-EF4rpMH6zczMT-jO5iDx_LFWCtiEdHf4YhpICRdoQ-cNK0uxvPmUo57QSZvcfYInVKqzeGn9zIsCKs98ZXgXNW1Ga_imMrbV54LnWSWsTm-2HMjsJiekmXBDEJCO3L1f9o5jeWv-SbwK2s9aCwJYOz9b3bdHoaw3wfGNporCNcpdgkRhAR7spJwLYQKZrXnA_w6KDPEG1DsRCAUm-EpDRoHH1XQULLGCnXglwhYw92IV_9QNEO-EA_AqUU1z7iLoxKc25K0sPWKyu0BcWrLJhUFiWzgBbmws6U1w6ZAafiA31UqjbgjFmdkoppndfjrIEgzxyhU88KjTragIR0Bmg2pRTrjXTuroOqiiLdqP2HkzolNs8QJJjeOPqK0L3NdoexFbBBsrmDq-D29wjcFEmGfSTA4KIa3smstTpG5sr3FV3hZ8aHupL9fw65cw1vkV6G3TM8-KjpJDJwQkErD8oV7vriE85o0LxEBgjkWCNRK4enK7LKiQn6QX5FWFMs-_ulMUwcpHAE0_B9ed-JJChkpAeyDbcFR2x7NwkEROHoYBcM5WvkmEp3IXSfeZW-nwnkJwDp2ZSx_g40bkWR3TTW2_6dk7EC3D5nXYsrRSmoMBenv5XTKsdP8SHLV2FFlRCLXAgG6Bi40qHPpY-1XYeNQk4VkeiGX7ep1ET5GF5tODpxv_oKzBqonCmCZioB2TdkSek4hTt7op-ueDMY9rDOsWTsd0lQhBlEZgyOB23nfJYaQl2imWnvChS-jp2eKv9Sua67f57Jk5gP1FS5ZqkLhZ6m5imdEeG4X26VfurM2iTwLMnFTWfFVtquq2R_OPmQ4WT5Wemfz_P-LRqSdF6S2rYvM47gBYZfi7B8ECTCAH9Oc_kslWb3hh7ORUiS23hQuPWxxkowyxlTnCdXBr-QXWaYqvr5wnzs755UgsVdvn5hyw4Df4BmEdkgwpLUD8Ktf_M2kr8jS-XPar3CQYf9wqqtiCHodJ9P_umpCmnbicOFfSiBZp_XnW6Lk03iHqpz4UK30hWgciQflTrwTG-gDsnNgqZqMwokxiP1NYCTS-U6Xb9BhZdFnB4cze_DPaYHyVdQbuxXw6LXol-QExkcydLEIUzVf0Q5ITGmQN0P3a9Ra7c-weyBB8ZlcsTzeCwNF5z_s3dl6WvSccTCW-6fUTAq76c08E4ccyHHLhm-sHwFeBySz5aCctMedygoiWyIWGhI8kyQt-pCcqtbYUAhrbfyqot08_5aajLYBsUVteaeZvlMAeSL1J2INXMdSGTLM_W97NGfdO9krPJDqN-MT0QZrmid5iKcIRcqswoejR_yLbXlGXM4WTO8yv1dzxqkCHtSCfc_I6jt8D7jNQ6dWsS3myvOFa83zZAdbCVURgEseNLIJQ1Un6rkUzPGoZ3mPMXPfVjVJ1RhIvUxuu0yAS-xZpDzIUShduJ_lftbKFhMT7B_yt2ShhfwLrDLTDvEdXmZjG0IE9MBmWAS5eH9bvheDEoM-21uCreyhD0Q-Uhpf7zmVpFln4PyyhHZBGF0TYkyyz3WxiCloaGQgAEhXkaJk-raiysc5Wcsjfv-s-vg0P-9pgAQ&adsafe_url=https%3A%2F%2Fwww.24h.com.vn%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6e79a47e-b8d3-530c-fd13-d58616e08b2b,c:mRkb4Z,sl:na,em:true,fr:false,thd:1,mn:app22ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sHEtR6T+11%7C12%7C13%7C141%7C142%7C15*.791812-56413830%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:15*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:27,oid:582a3c62-0a35-11ec-ac91-06da572054ee,v:19.8.241,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:26:10 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 2436 23 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:27:21 GMT

GET
H3-29 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 1EF1 169 KB
58 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 12:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 12:38:11 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/ Frame 1EF1 8 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm2hVcckEP7QiMqqHTTq3RK5hTikw-qLa-ZslLE1LUSb3eWK-h4uGYuvfvI1JHYvvC0j4fdIjOQ050sDxYdJW0RXbgTwAjMXr-Bud6EqkSAKAmf-C-gzsBp_oWTqtczCNQqqk-Nwpai-RgbGm2sAl8yO0pdKfsZO-m760Z6K7X3M3xkkMubgwBV-6PJP-L_kzZHzQ370-NEP13CyscRejIUqDQ4w_cTMP0IA627A9ILQADu2blhTRzOUvqcDNRWJsPWXoy3CiD3GLYb9FAcD_Zo3WDWEaarljpfNcCrE3DLiG5oXPz7Ug_L87UcqmbVvjlMe6Jx3zx_mg_gL_WYeeVFe9oNZzAZ6VNqbAPIagzAwCRuE3VN9Yoh2l8J28wdH8dbrG8EdRWOsAEBu-vkvQgLheO1ZGwWxVSkBcm1Vbo3xdW9Y0DW7Ik6_1gSL4RfI4jgR7Es8W_dDY4k913xiOUtvl5_K2X31jOUr89y1YBhMu_LvAjtwyuaU-cGJPJ2lnxAg-JSYcPvNaWR6qhyvQMJgUfbhlnAGCIs_UwVflq2hFVe1Dgkfyp8UHsazYDnL5YDiln6xvObhmTWUQ0n7SMShFNUwpgI0DS4s4JE6Fl1Rt5KUAl97NqN5CP4aSVLU5FoXznApNk4v4lzWltWgR6HhTARsbyqAbYgSeZqMLgzEF6KarnNQbIMQvl77pnym1Vmm4--X068L2DnDH-amZWumR_Co05tBzE2RpsExLPfO7gULvuKNw7X-ffmfmsagfv7FnAZSt4zqPT_udM9Mrb7drrOVB1Ts2haPgrOPa4ZsFO0ITcS2aFxVCB33sYwiXLncBQSLzHdf-XlZ13EK0nl0gDSPjKQtek96bXmuElOv4mIZaHaiiShSvuaPJEUXdc9VgVP3edcnnDE_-WmKWqmCM3HsbCX7yqJu0z_tFL2VWJdzqUvSL6FOigTJlMqSimMHtmJ7aLYor8FuiYiyA-0lOnyWYeIfgnDPmtq0gDPgG7h75FcwnBSMkdfBphNYXCNpRqM6WadJl6Z5inDGuGQds5HkCKRC2g5D97qfL1PLXphokLpppOfFs9S8PhGD0IXPIGAs7XAekE-pfIgynidePmZZAERo6O47ZDX1OX5vhc3Tur7YIMtQ-DS1oBuO-aX9DvFkOlhmjbjAdUKyKK-YuLP7DGbHVd8IsMRBqoFcdyC3E6OHr7E13Bbiz06x0VgxGMkanctaEXxnmlrkwDmEfyzmEgP_Ce_m3EuaeNlEjejFpL2TyeVRlF0iq7LNATMDt_zEok2-GGcXXZXZx9p5qImw4iF0klGjOt5BUTgT-6Km-7avNUGQpmUBYB_OKwiQPAkYPh4ORS_mMJVTMh-0u0t0tW7rVuoEIJVfvxGkojYzwnStjRk2VrqtNmVRenowsP5qL93-zuzfBkCY_r2jWfZYXKOesf3ZD_0xEKCBAAERVPKU7qqIIJqO1u5XfR2__TJpUvkRJEcE6X8OsWQHoU_sRfWF3Z9vCwAasV8BVPdUJ3kjlME-lofvRDa_V2VvDFCwa6nueIxdN25ufKFXYt1zJvjfSTIIPWYTCNUF0NxemnOEuEV-h-y9qV6GCCzoUivFkZPlKUPLrSo-h2RRgb1b7_pyf5-9QMejRX5m4G8gORDXNPWFfaFDVqaWOv6AsNdiKFWhATEyaPM-lHCNyfX8gK_vhxzj-hGyiwDZyYoQcd-1N19ZYsE7KP4Xgktqbc5v2IZoXToEGXqEXf-xcXdqcAR92JqUo7WAVfJIGCeuR6gjxtSqASpp9y3v2Rg9jg_6NmbC7RUZVZAK2whfnttCIt4woS7DELhQMhyp22w_A8ZPnvRF0q3WYR9Qn6xr6lGru7unTM95ZUxmou9gSdW278HCF_Pv14ec9nMeo3BBv1PcdAnOm9QLY2Yx0MBL5f_MtMaSrFWbssNvqPyNOKCDTHXaLSfUV6qdQSweQQIPOG9mDPN1bAKFS7TMksfJkvdq2fBzxVDygMqd1uI0gjlJjQ77QzKDEnaLofGEBRQ0-HV4YCC5gPAcj2JtHjCcPp1T7EucDzfC0ghq7qGY4buY-VD-T76QVoMkMxZSuKwHdho_-r8KkCbQDWh6zreE-vCgYo-UmbFqkvmzsSZTQYHwvClh5amUnMijXLRuu7KyVXO8pl0x_KqVVlGVYZg2u938YeJaQ_xB0pVrVWCVfrBRJgJ6WqLFthgqDUORZ5OV9YbRNin-WuRlkW0-vTSxD9FbrL7UofOqKgEh23v8VNdXL_r_CF2TiE6em05riIPJZ4wja5wYkfZ60dGKeEj_1emaWM99PurVeneCKO7pke2Cj07Th6MRIO6J2REMncoZM5DF8s4C-uv7oKPWRCC8iH4lBuIsfF5kspYGwpGj_rYj9r2M6FxnEB5yXpQSPJKIIg1vkYRskgSifQLQRSyjfc320-eGtF_C7-p0ZlkWMTV5Q6Vcdktju8mhh1Noz-fwUD41ALaA5lJN9B_u1Vu3wJRLyL5jN0skwjtvhj2MkUp2PT-GcMtKzs71PhLVJs4_Vpbp1mrbh52HbfmRV6Ypq4REwhFXc6jOeqxYx1K2TgPhVaqW-5DiIrS4vMMb-JlkQTJT_c1oqak0SNDF_IeWLDVE-1bSM9Vt6OjBgGVQFYCqEh6SS85gBDYNU3f1k63ZZLEZtbR5dtWl3JoWsggCwh4bEKNLYHFHjq44EFQDdgI04vUo7oEZF35NxQcVtP2dlKgDFQ99mKLM-oRK3JV4PwNq1Z-2ylv2kyiqx5BfW-iPtcjTPadQphOEbe8cqy1rmSk2JqlSpuNaUXOxbq3ed_3vIWELdiGHgZwPQgDGYlkH7aWOPniXWy6ylIrjAJ8Xi-RDV8a-W8v5p6m6b99r1YJXt-U_FAEgXlyqUAWO5ej6aPHpBAXi15oX_qui5PmjoH6uDfcKrn78uJXoibR1fYYC859kSROdxdtrf5isDFa0kFxWqOxLwE7SOnp6VcHahHsth9T9R0n5K0fLu4euIrBcEms0_FwtHgaUBWMiU5FPPje9EmfsUntNzEp2hLgdZ92hEcxoDQyj_C-12lCiX6IcyglBvGx2sg2l8N8LAu1HbMCIWqiSU7dnyYbU9t4atrqPxtNi7vLH5WJQYBNJuXlTF9JMg4mUw6KlT0P3W8jxdbG04672Eo9qCf7QYcCgZs3wqgfW74hMIS7wwdBCIRPzeasjtATL_68V59CQ-DZM7-tHsaGQgAEhXkaI8HwIUuRcGTqR2GnXScPg_K8eZgAQ&adsafe_url=https%3A%2F%2Fwww.24h.com.vn%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9357ac0a-5fca-b60c-45ed-cd30377541e8,c:mRkb6p,sl:na,em:true,fr:false,thd:1,mn:app17ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sHEtR8h+11%7C12%7C13%7C14*.791812-56413830%7C141%7C142%7C151%7C152%7C153%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:14*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:582a89ff-0a35-11ec-ab23-0289e6fd96ae,v:19.8.241,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:26:10 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 1EF1 23 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/791812/56413830/xbbe/creative/adj?p=APEucNXU5K29xHHbFkCUIwo-jNfhxOYO_7G6hiAw42RL5gpPzKn3JYA&d=CnkAoCZ_4IbCW-XYy8Rt87-5xr47UCB5F4OtjLV4tYpUdDVFeWz9JZH9v40in1cm2hVcckEP7QiMqqHTTq3RK5hTikw-qLa-ZslLE1LUSb3eWK-h4uGYuvfvI1JHYvvC0j4fdIjOQ050sDxYdJW0RXbgTwAjMXr-Bud6EqkSAKAmf-C-gzsBp_oWTqtczCNQqqk-Nwpai-RgbGm2sAl8yO0pdKfsZO-m760Z6K7X3M3xkkMubgwBV-6PJP-L_kzZHzQ370-NEP13CyscRejIUqDQ4w_cTMP0IA627A9ILQADu2blhTRzOUvqcDNRWJsPWXoy3CiD3GLYb9FAcD_Zo3WDWEaarljpfNcCrE3DLiG5oXPz7Ug_L87UcqmbVvjlMe6Jx3zx_mg_gL_WYeeVFe9oNZzAZ6VNqbAPIagzAwCRuE3VN9Yoh2l8J28wdH8dbrG8EdRWOsAEBu-vkvQgLheO1ZGwWxVSkBcm1Vbo3xdW9Y0DW7Ik6_1gSL4RfI4jgR7Es8W_dDY4k913xiOUtvl5_K2X31jOUr89y1YBhMu_LvAjtwyuaU-cGJPJ2lnxAg-JSYcPvNaWR6qhyvQMJgUfbhlnAGCIs_UwVflq2hFVe1Dgkfyp8UHsazYDnL5YDiln6xvObhmTWUQ0n7SMShFNUwpgI0DS4s4JE6Fl1Rt5KUAl97NqN5CP4aSVLU5FoXznApNk4v4lzWltWgR6HhTARsbyqAbYgSeZqMLgzEF6KarnNQbIMQvl77pnym1Vmm4--X068L2DnDH-amZWumR_Co05tBzE2RpsExLPfO7gULvuKNw7X-ffmfmsagfv7FnAZSt4zqPT_udM9Mrb7drrOVB1Ts2haPgrOPa4ZsFO0ITcS2aFxVCB33sYwiXLncBQSLzHdf-XlZ13EK0nl0gDSPjKQtek96bXmuElOv4mIZaHaiiShSvuaPJEUXdc9VgVP3edcnnDE_-WmKWqmCM3HsbCX7yqJu0z_tFL2VWJdzqUvSL6FOigTJlMqSimMHtmJ7aLYor8FuiYiyA-0lOnyWYeIfgnDPmtq0gDPgG7h75FcwnBSMkdfBphNYXCNpRqM6WadJl6Z5inDGuGQds5HkCKRC2g5D97qfL1PLXphokLpppOfFs9S8PhGD0IXPIGAs7XAekE-pfIgynidePmZZAERo6O47ZDX1OX5vhc3Tur7YIMtQ-DS1oBuO-aX9DvFkOlhmjbjAdUKyKK-YuLP7DGbHVd8IsMRBqoFcdyC3E6OHr7E13Bbiz06x0VgxGMkanctaEXxnmlrkwDmEfyzmEgP_Ce_m3EuaeNlEjejFpL2TyeVRlF0iq7LNATMDt_zEok2-GGcXXZXZx9p5qImw4iF0klGjOt5BUTgT-6Km-7avNUGQpmUBYB_OKwiQPAkYPh4ORS_mMJVTMh-0u0t0tW7rVuoEIJVfvxGkojYzwnStjRk2VrqtNmVRenowsP5qL93-zuzfBkCY_r2jWfZYXKOesf3ZD_0xEKCBAAERVPKU7qqIIJqO1u5XfR2__TJpUvkRJEcE6X8OsWQHoU_sRfWF3Z9vCwAasV8BVPdUJ3kjlME-lofvRDa_V2VvDFCwa6nueIxdN25ufKFXYt1zJvjfSTIIPWYTCNUF0NxemnOEuEV-h-y9qV6GCCzoUivFkZPlKUPLrSo-h2RRgb1b7_pyf5-9QMejRX5m4G8gORDXNPWFfaFDVqaWOv6AsNdiKFWhATEyaPM-lHCNyfX8gK_vhxzj-hGyiwDZyYoQcd-1N19ZYsE7KP4Xgktqbc5v2IZoXToEGXqEXf-xcXdqcAR92JqUo7WAVfJIGCeuR6gjxtSqASpp9y3v2Rg9jg_6NmbC7RUZVZAK2whfnttCIt4woS7DELhQMhyp22w_A8ZPnvRF0q3WYR9Qn6xr6lGru7unTM95ZUxmou9gSdW278HCF_Pv14ec9nMeo3BBv1PcdAnOm9QLY2Yx0MBL5f_MtMaSrFWbssNvqPyNOKCDTHXaLSfUV6qdQSweQQIPOG9mDPN1bAKFS7TMksfJkvdq2fBzxVDygMqd1uI0gjlJjQ77QzKDEnaLofGEBRQ0-HV4YCC5gPAcj2JtHjCcPp1T7EucDzfC0ghq7qGY4buY-VD-T76QVoMkMxZSuKwHdho_-r8KkCbQDWh6zreE-vCgYo-UmbFqkvmzsSZTQYHwvClh5amUnMijXLRuu7KyVXO8pl0x_KqVVlGVYZg2u938YeJaQ_xB0pVrVWCVfrBRJgJ6WqLFthgqDUORZ5OV9YbRNin-WuRlkW0-vTSxD9FbrL7UofOqKgEh23v8VNdXL_r_CF2TiE6em05riIPJZ4wja5wYkfZ60dGKeEj_1emaWM99PurVeneCKO7pke2Cj07Th6MRIO6J2REMncoZM5DF8s4C-uv7oKPWRCC8iH4lBuIsfF5kspYGwpGj_rYj9r2M6FxnEB5yXpQSPJKIIg1vkYRskgSifQLQRSyjfc320-eGtF_C7-p0ZlkWMTV5Q6Vcdktju8mhh1Noz-fwUD41ALaA5lJN9B_u1Vu3wJRLyL5jN0skwjtvhj2MkUp2PT-GcMtKzs71PhLVJs4_Vpbp1mrbh52HbfmRV6Ypq4REwhFXc6jOeqxYx1K2TgPhVaqW-5DiIrS4vMMb-JlkQTJT_c1oqak0SNDF_IeWLDVE-1bSM9Vt6OjBgGVQFYCqEh6SS85gBDYNU3f1k63ZZLEZtbR5dtWl3JoWsggCwh4bEKNLYHFHjq44EFQDdgI04vUo7oEZF35NxQcVtP2dlKgDFQ99mKLM-oRK3JV4PwNq1Z-2ylv2kyiqx5BfW-iPtcjTPadQphOEbe8cqy1rmSk2JqlSpuNaUXOxbq3ed_3vIWELdiGHgZwPQgDGYlkH7aWOPniXWy6ylIrjAJ8Xi-RDV8a-W8v5p6m6b99r1YJXt-U_FAEgXlyqUAWO5ej6aPHpBAXi15oX_qui5PmjoH6uDfcKrn78uJXoibR1fYYC859kSROdxdtrf5isDFa0kFxWqOxLwE7SOnp6VcHahHsth9T9R0n5K0fLu4euIrBcEms0_FwtHgaUBWMiU5FPPje9EmfsUntNzEp2hLgdZ92hEcxoDQyj_C-12lCiX6IcyglBvGx2sg2l8N8LAu1HbMCIWqiSU7dnyYbU9t4atrqPxtNi7vLH5WJQYBNJuXlTF9JMg4mUw6KlT0P3W8jxdbG04672Eo9qCf7QYcCgZs3wqgfW74hMIS7wwdBCIRPzeasjtATL_68V59CQ-DZM7-tHsaGQgAEhXkaI8HwIUuRcGTqR2GnXScPg_K8eZgAQ&adsafe_url=https%3A%2F%2Fwww.24h.com.vn%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9357ac0a-5fca-b60c-45ed-cd30377541e8,c:mRkb6p,sl:na,em:true,fr:false,thd:1,mn:app17ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sHEtR8h+11%7C12%7C13%7C14*.791812-56413830%7C141%7C142%7C151%7C152%7C153%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:14*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:582a89ff-0a35-11ec-ab23-0289e6fd96ae,v:19.8.241,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 08:27:21 GMT

GET
H2 200 hit.js Show response
visitanalytics.userreport.com/ Frame 2436 7 KB
3 KB 186ms
57ms Script
application/javascript 13.224.93.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitanalytics.userreport.com/hit.js?t=GSKdcm-c26285222-p311351245&env=j&i=no&aid=504056341&pid=311351245&cid=155857246&sid=4721937&rid=156225248&rnd=3255765427&v=1b&event=impression
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 200bab94b898cd8f4a89b2ab0ba5f4e820b946d1892ea35149e666586da42f2c

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:38:03 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 14:58:29 GMT
server: AmazonS3
age: 49795
etag: W/"9f4e655454a6c358cb8e398e93b8ba79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 2MBswZvdAbV_gKp7Mq_0zT3EGQrHGqbe
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
cache-control: public, max-age=3600, s-maxage=300
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: OCAHp39wBSOpFnNTNvSysJZjD_NYqAtGkCQrBdJaXbzsUoJ7Bt0TpQ==

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 7 KB
2 KB 28ms
14ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd259efa071c094692605955dc51afbb045bfd30bd51fb39733398c60b07c139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2160
date: Tue, 31 Aug 2021 08:27:57 GMT
expires: Wed, 01 Sep 2021 08:27:57 GMT
cache-control: public, max-age=86400
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2436 0
545 B 199ms
79ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxsGOKexgYz74jOp8Ue7wDZlucr7D5hCdaacFkgE6lyIfDQWtyeVhmCS8KlPjhcbfVcHF0WL2ROdNiykS1NyHoOCL3vbapyEWg7fjqX6dz6ZzEdtvttVA_OTjuZ4wgRG3e&sai=AMfl-YTlkmZj5g809iACYqj1CCi4es2ONDDdU2ougGHyD9OL_8lTnpnNDiCNGr_I7XsYVGLm5y4W0CiauICm6gr232fiIZ9v-D5O20CLEmQ&sig=Cg0ArKJSzLfB_XpQwU-6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=86&cisv=r20210826.82047&adurl=

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 2436 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa27358af7647d155db5acae6ff757208924e86f2d406f0a554efef70bc62c8f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hit.js Show response
visitanalytics.userreport.com/ Frame 1EF1 7 KB
3 KB 118ms
60ms Script
application/javascript 13.224.93.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitanalytics.userreport.com/hit.js?t=GSKdcm-c26285222-p311351245&env=j&i=no&aid=504056341&pid=311351245&cid=155857246&sid=4721937&rid=156225248&rnd=4289210185&v=1b&event=impression
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 200bab94b898cd8f4a89b2ab0ba5f4e820b946d1892ea35149e666586da42f2c

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:38:03 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 14:58:29 GMT
server: AmazonS3
age: 49795
etag: W/"9f4e655454a6c358cb8e398e93b8ba79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 2MBswZvdAbV_gKp7Mq_0zT3EGQrHGqbe
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
cache-control: public, max-age=3600, s-maxage=300
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: Vx34HqFbbE_I631yfVD2_LuAEstUSqN3bVliZT_t4YKBt1Htay13LA==

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 7 KB
2 KB 14ms
14ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd259efa071c094692605955dc51afbb045bfd30bd51fb39733398c60b07c139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2160
date: Tue, 31 Aug 2021 08:27:57 GMT
expires: Wed, 01 Sep 2021 08:27:57 GMT
cache-control: public, max-age=86400
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1EF1 0
51 B 134ms
81ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvc5UJZnDME3jDhFFgcHx-VSKgpB20qfVffrntUg4AaOZ2ca5c54vfMY0DBoAXKrK1DGF8ye7ABZCI0silhQTh0l_8OLFFQgcPdw1wA6CkbyeHPBELsDDxHdNvR97ofPkrj&sai=AMfl-YSnBEPy8lDK7qWle3qbNT9AVWhfCY0OPpjcKpLrKlgUEcgSrQu7zbTPc5Ip93_GF98Xzya7gvsDHOMLD3EdOT75Qc95fwq1JOvg9s8&sig=Cg0ArKJSzDLTlaYwX1a_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=122&cbvp=1&cstd=118&cisv=r20210826.17742&adurl=

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 1EF1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e1b7c554c23ba599647a42f55ad4e749849e2dc56233b22bf5e6169a912d23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 25ms
24ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=1692679738305722&bg=!AAOlA0fNAAZOkH6FTpA7ACkAdvg8WiW31L9RZmvKSe5_0GEDVB6hBO7lt210QX7Lkpx5tgcFLLPljwIAAAD5UgAAAGBoAQcKAEQSdMopIzMw00RnllhCt58FvSyzPC4yzm00lFdwfX1auZfb4mDhO240fviGj_FLvLN1pVYFS7HRfPzBXp-vcYwJymnOpJkCbMXqDerQH6xYKJuPBZFvcoHNjMH3Ylq6XBQ8Hkv1Kl2NtuAnBHzEblumTzSbQpI6auPz458yFx7Y9UPewm5GIkKRq7hDaDDCZSYSTLrCdKEG6oVI-HrMV-Sf6fQxCwlx5_6l_q0ApgRV-7q3LSe4jj4QBn7RY6ZC0a7vThKeAnz0fjruyqos6D2ISqC4ysw6wC9jej-99vvJiRIcBlwpmlgxhoUVt_p_IktIT6mRWU5C5DlPnRVDp4g_vBtgZXZQ3bV76Uue9Pq13bThSglQPEEKWUedxn6hPmsG64ryXUtLfDV2tKUedQ2b7zDXQx5q-Z5ItlNoceApHqnslOWdypS5t0m9iIgv3rcuqIyp6sueK4s7qHeOJC9bN6_OHf9trG9w3eejGFEDyUDNHSa2mslWtNoX2lI2_w2GpEAZamZQGwrdCr_UajFTPYO5MRun-wtkdxvjRclaks97KvpdNNSxBfYHumnWzM_gwDQLFQoaRIY9X97n20OxAo9CUFbZNWql0XXBcmlFfJmVC4X3NlbH8Ap8t_XpIEJYJMQeMKQiUIO3M_naXcJeESLXO7JZcaldHiuI3IcvJz0GaWMQpf1--HGasM3Pt_yfudJu3WuOgzYoN5Svv5fcPEZDJZL2_yZLRKKQS9FijqrWJJkQtAeA1eIGVdTFM9FamwIT1_waE0tcWSmO39xFBLiX-sHfuvbwrASnB3MEE0olkSa8icT6b9go1nVqtClOunXAMae9Glmy66Ip7oC9sRQfPpdKWTAhszAEiq4R1cXE20j8SvEdCpxNwbgmNwRSjL8jkUtmmSOfcjeuEvHHCVGb
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 04FE 0
0 82ms
82ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CviUZC-gtYZvEEp2V3gOp6aPQApKM4fBkqN2yyLMOitGj7b4BEAEg49GxJWDxrfyFpB-gAYj_osUDyAECqQIME0S95NOzPuACAKgDAaoEygFP0B0ztpd8Cgl01kzZCKTk9nvu_oCN8Y5FG6Q-WnQ-WGjuBIwWJHC6RaY1NWWSm6NkYnmIYJ1xrZa6AtgeZ_IYPMy2PhSJ9c-f3LE23pF0MKI--NCoU1Plyq3amPmLydfvXy68zdyVjkhouh68tUrPVyTGhFImnNPdCCR4HnghKF0saMlMBt9kfBVLHznwbCSGN9969TcFYbhkHV_kq_e1AAqbQypAkUtIL1_Y60B_wyT0g5uH5zp0AqPZ5u_HC9cmC3veUi3Q9r_CwATxosbpzAPgBAGgBgKAB-CA3TqoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEOL7CdIICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01NjE0Njk1NTQ5Nzc1Nzk3GOq2Hw&sigh=wo2TIQkpXUk&vt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 04FE 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB7s6bgHPutBSMJVQkOeqbMwrRi8twmpxs3wbQpi9fqXw16P8cTMtvgfAncyFGW-MGMMwP8dq4DthEEdpFlA2K5oylCtIMBbiP4kjuZ-5nsYyNOO1W7_0h-WHokA&sai=AMfl-YQ-gTaK58qWce2QqCQufU7Q4U5sUc9GkAOrwMWTEzviZVZWvjafLPa7NOpmcF5KW5KEx9uYhs8U8Y6_TCElp07E9u2YKd5xQQ9-t-uYIQZhu7x3bt29gdX_-yS2DvWh&sig=Cg0ArKJSzEocTFZQXjJrEAE&id=ampim&o=1002,890&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1031&mtos=0,0,1031,1031,1031&tos=0,0,1031,0,0&tfs=137&tls=1168&g=51.66666507720947&h=51.66666507720947&tt=1168&r=v&avms=ampa&adk=1314645313

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.24h.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gwdpage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 55 B
78 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 16:23:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
age: 57896
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Tue, 31 Aug 2021 16:23:01 GMT

GET
H3-29 200 gwdpagedeck_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 731 B
260 B 11ms
9ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdgooglead_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 24 B
47 B 11ms
9ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
age: 81085
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdtaparea_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 157 B
141 B 10ms
8ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdvideo_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 388 B
205 B 12ms
11ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdvideo_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 googbase_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 400 B
301 B 13ms
11ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 21 KB
6 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6269
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdpage_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 3 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1307
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdpagedeck_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 8 KB
3 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47362f03763fafea173fabaa570f4054c7931e5f8d1e6f6daa2b08cafae41cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3174
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 6525 116 KB
39 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 04:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 04:50:50 GMT

GET
H3-29 200 gwdgooglead_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 13 KB
4 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d1651d91488d8e6357d29c08174475d886c695a2a9101ab4c73efd0137ad3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 15:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4463
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 15:55:38 GMT

GET
H3-29 200 gwdtaparea_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 4 KB
2 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1809
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdvideo_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 9 KB
3 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdvideo_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62bce39cbbf76e49c475f31029efa2d5cc8c4bde4417f76cec3acc613d215ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3125
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 18:25:15 GMT

GET
H3-29 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 2 KB
713 B 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 687
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 17:23:45 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 2436 43 B
301 B 130ms
130ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=791812&asId=6e79a47e-b8d3-530c-fd13-d58616e08b2b&tv=%7Bc:mRkbfl,pingTime:-10,time:668,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1630398477906%7C%7C2b7cd06cf101212c55983ff69fcc252c%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7C0ae1096446612bc72eecaa846398938d%7C%7Ccbd355b406075b0f8acbb98b54026de8%7C%7C20fcf75d26ebea1090bbedf90429e6f1%7C%7C8680e4d92b9b41b3b431b80ed1ce30aa%7C%7C4ea6dc8038879d44b346a6f66a23fbbc%7C%7C1629390669,im:%7Bpci:%7Btdr:545%7D%7D,env:%7Bgcd:%7Bappl:na,cnst:na,glbl:na,mtdt:undefined%7D%7D%7D
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:57 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5359 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Boyq6DOgtYY-BL9CPrAT_w6OICQAAAAA4AeAEAg&bg=!FhWlFVHNAAZOkH6FTpA7ACkAdvg8WgreySn9bFcWbuP1TgdRutchjDzNFGPx16QKu4yF96wimGAXEgIAAAE7UgAAAFpoAQeZAt9VCYjt5EFI1ICFcIh6yZH_ajKBv3tBD-v6eqyzhGpeEYidatB9Xq7F92ZkBLsOhdBKU5RuO4HrMukHAciwnnb2I2XpkBv4xcR35mmnnmLtyUBlwSCNeLL9dVJqxtMKVdWFuL6HGyaQhNBeROMQNg8rt8ZSqBGlgi9RqFEBLH6PzsQXnbk7II8ERM2_PUw1lZq7g2y7q6FvAY4LN2XOOtwWwXRm1wjqNa_A-D4Zc24YEQhH3q06gnLjZ5GkmjRGBFYPi-n2vVuV2l0k3QIO-hVDpHQ8g14cqAxZ_oWthmF1dI6xM4rL64d-ypzZkr5lXR7ynrT9UfFLFgqkb1vazi1Ze4K5xmn1np7bTrx_bHYOBbQisVz2W52k618hwUcRBhM79LT2oDWp5_jgUioUZ1_QkshNOYa1MnXfNIdor56mzlMp2KYRk5_N38Xq4a9Q0yxyC-_HBUn1LEZkiIOSqyB1QLw9KDVaRmNDiooBdPVhPjczccpVGLbqAQEfWaydJv3yL7uA2ljyLJqO-6QxwmCwOe4AZrwKfjbtVSD0Nqv0oVqogZtk239Zr5uyxn5V5fR1UoS_nQlSG-9j7c_GTEI1ix9RQcTJ9sGeruPxmsrq5Yw8_DElBL0i93_2yLNSU13mlGMnFKI8MvYTX3pxfYOseXkGXIR1z2d8_dXJAkeeQDo91L1CUT-9HxrHKmlJ4yIUgi23dehQlEflhJYCYKZK--J9yyMN4q2oMOUsLAexlKrlImX-ViJTp6ysC3awRf3hP7p4zK8JoLd87QYJDmAjT3YKcVMlZZBMxQa1rDDRcM1zd3q8ooXIonnRUFi-mVLFarN3w-txmXcDxaXh3uxTtIAyJU2okLRwknRvUBvkapklKRkhxn5sDq2hinkLt-RwmRkIy4aD_O8ZWRrSwDmTjTQ3ONNRh8O1iId4n8htrfxwB0HYlQha3cLq8tkHOUvy0uI32h7B0oreZzkd4Qk

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gwdpage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 55 B
78 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 16:23:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
age: 57896
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Tue, 31 Aug 2021 16:23:01 GMT

GET
H3-29 200 gwdpagedeck_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 731 B
260 B 8ms
6ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdgooglead_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 24 B
47 B 8ms
6ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
age: 81085
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdtaparea_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 157 B
141 B 9ms
6ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdvideo_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 388 B
205 B 10ms
8ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdvideo_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 googbase_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 400 B
301 B 14ms
11ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 21 KB
6 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6269
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdpage_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1307
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdpagedeck_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 8 KB
3 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47362f03763fafea173fabaa570f4054c7931e5f8d1e6f6daa2b08cafae41cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3174
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 1D4D 116 KB
39 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 04:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 04:50:50 GMT

GET
H3-29 200 gwdgooglead_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 13 KB
4 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d1651d91488d8e6357d29c08174475d886c695a2a9101ab4c73efd0137ad3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 15:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4463
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 15:55:38 GMT

GET
H3-29 200 gwdtaparea_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 4 KB
2 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1809
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:56:32 GMT

GET
H3-29 200 gwdvideo_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 9 KB
3 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdvideo_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62bce39cbbf76e49c475f31029efa2d5cc8c4bde4417f76cec3acc613d215ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3125
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 18:25:15 GMT

GET
H3-29 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 2 KB
713 B 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 687
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 17:23:45 GMT

GET
H2 200 hit.gif
visitanalytics.userreport.com/ Frame 2436 43 B
497 B 59ms
59ms Image
image/gif 13.224.93.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitanalytics.userreport.com/hit.gif?event=iv-supported&t=GSKdcm-c26285222-p311351245&env=j&i=no&aid=504056341&pid=311351245&cid=155857246&sid=4721937&rid=156225248&rnd=i1kaj23t3h&v=1b&med=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 26820
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-cache: Hit from cloudfront
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
server: AmazonS3
date: Tue, 31 Aug 2021 04:21:36 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: NdaBqyDItAXaK1GfNCMemq99gScOEvH47W8ov4yKMa-k4HrekeLHvQ==
expires: 0

GET
H2 200 hit.gif
visitanalytics.userreport.com/ Frame 1EF1 43 B
497 B 58ms
58ms Image
image/gif 13.224.93.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitanalytics.userreport.com/hit.gif?event=iv-supported&t=GSKdcm-c26285222-p311351245&env=j&i=no&aid=504056341&pid=311351245&cid=155857246&sid=4721937&rid=156225248&rnd=gakw8y9gqm&v=1b&med=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
Requested by: Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 26821
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-cache: Hit from cloudfront
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
server: AmazonS3
date: Tue, 31 Aug 2021 04:21:36 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: z9AJ_JvQJIkpHOh_nzG_frhP97HlwjyBboA_HwYCQszVb1IepWow0A==
expires: 0

GET
H3-29 200 poster.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 13 KB
13 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/poster.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d7061f04a3dc0a49b3e7a73669309cd522b3698ef7f565aa20ab5ff3b804f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
age: 81084
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13587
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:56:33 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 090A 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO19bDOgtYZnaL9mIrATUmZAYAAAAADgB4AQC&bg=!SkmlSQ3NAAZOkH6FTpA7ACkAdvg8WlhYlM8y8eMnAhVGFK8a3uyw11JbivL7dd9Vj6Kq1-EFeGlvGgIAAAFzUgAAADdoAQcKAEXNlEiueug0KPIqbUgz3Z2PNlJqKf13pgK-G7k0-xVo9eanjNqqFQn5Jk-B7hdTXdyt2zhgdYaZxj4AeH1r_d0WNKxpl1GZAsweHMHJf23615hWXe6JsUvjehEf9V2xcVduBkhpeFxopWTPrd07XNd2Ib-Lx0ZTXch-aeueIlwTAY33vWwALQD97rIN9jqfarKVJ3cMwcxEMYXkv6VoW_-KNZURHf8eSGxKVEu9U9jKJds-ywLwY24k2EtnkiVCfDojRrrzqKtSC5LZfb1RzVB0aXv_o1BQnaIxoMRrHSXW5a2FKRHrBEO-rTSDWyO5NszZiTOLUEpdLlP5eTNWDmZMaG2afne7PUsBnWFNIE4wOp1IkzY5jn5SrL14uHyH-Lv5QjB3Wa0-bELnp45Oq6EeEaDYp1nj8cljcBpUL7Gowr8KX6gIV9IOYsf7xRG9e8xo31MSRHAQp_bRgrUTYyvPGyfKVEQjNJVd4scgoiQY1KvTkivIXzr8UOD0w1vckUZtuKOEHuLr3vINQbkzsa59gr6MxxtJ0g9b0XM_bHLVf8Pjz9Sy8uS4ilcJ7hiFBZ7hQ943y-usqNgrhvl4qZXg8KfuRlzGuPy5UOCJdrRlD-sqRQ4cbeF2fggfKPKcQgnafvA-Gmgc86NhLvVIfVkE8QJkb1Jh2QVpkbOtRZqPrFtUI7-PLexoXy-PE22QfoM_cMs7LOisMI0aVAaduvdPyes3u2w_93VIFk67g7-A_8f3lMrISQYpDQzjy7FXuJ_DuVCHIRzTl1gEgCeX4fAxMSjIS_aGDy4yRMYJ7O6iUF0SNEOoKgdusNfqOwmhd8m60RCfv3Cdv8lmdXH3laGac0mnZOnD4Sp2a0zamxye-_jW7wxer2ger4ulP96O5whHnFlc3gmgyKHiLB9Hctpf6a2eWZm-fQh1ZAyNf0k24vMD4LSOZoudbCbVGeifZb_OmVVuOzbzmq8U0ZhK1p_wyvKcjBmLj5Ueg8Wm0MLmch9wfTeCMb7ZoXK5R-5QJDh2rZHHq_z-2ieWj2J-woFZmSRUhQ

Requested by

Host: 06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
URL: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 poster.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 13 KB
13 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/poster.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/gwdvideo_min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d7061f04a3dc0a49b3e7a73669309cd522b3698ef7f565aa20ab5ff3b804f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
age: 81085
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13587
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:56:33 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6525 6 KB
4 KB 17ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

706c00a20b498d0d30f955a78ffa5d102aeae35b304f85155bed18b05dc5d379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4444
x-xss-protection: 0

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2436 0
23 B 142ms
79ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1EF1 0
23 B 135ms
79ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.24h.com.vn
URL: https://www.24h.com.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1D4D 6 KB
4 KB 16ms
16ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eea50849113bc18064adb96f63b7a0d546acd764748ad092e799766f240825e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 08:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4479
x-xss-protection: 0

GET
H3-29 200 prod_studio_01_246_videomodule.js Show response
s0.2mdn.net/879366/ Frame 1D4D 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_246_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82b619cbf3a19f241d38f222b0993708ab553b65f47b8d82e328506e5d00a94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4944
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 10:23:07 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6525 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:58 GMT

GET
H/1.1

206
Partial Content

file.mp4
r2---sn-4g5lzned.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,id,ip,ipb... Frame 1D4D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/id,itag,source,ratebypass,m...
https://r2---sn-4g5lzned.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,i...

3 MB
3 MB

35ms
8ms

Media
video/mp4

2a00:1450:4001:13::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5lzned.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/726848F51DDC9F6CE8C6E66D3D3C68D95F9F9058.2CAE009E26CB6585A41C51BBF3380080791295FE/key/cms1/cms_redirect/yes/mh/Vb/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5lzned/ms/onc/mt/1630398269/mv/m/mvi/2/pl/47/file/file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:13::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2f0b65a8bf0d9afbdec310c286b95197579f7787041c857c1ee7bfe8437f1844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Aug 2021 09:11:33 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2936784/2936785
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2936785
Expires: Tue, 31 Aug 2021 08:27:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5lzned.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/726848F51DDC9F6CE8C6E66D3D3C68D95F9F9058.2CAE009E26CB6585A41C51BBF3380080791295FE/key/cms1/cms_redirect/yes/mh/Vb/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5lzned/ms/onc/mt/1630398269/mv/m/mvi/2/pl/47/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 681
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1D4D 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:27:58 GMT

GET
H3-29 200 prod_studio_01_246_videomodule.js Show response
s0.2mdn.net/879366/ Frame 6525 13 KB
5 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_246_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82b619cbf3a19f241d38f222b0993708ab553b65f47b8d82e328506e5d00a94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4944
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 10:23:07 GMT

GET
H3-29 200 poster.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 1D4D 13 KB
13 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/poster.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d7061f04a3dc0a49b3e7a73669309cd522b3698ef7f565aa20ab5ff3b804f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=rx9RD8e8Zd&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
age: 81085
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13587
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:56:33 GMT

GET
H3-29 200 poster.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/ Frame 6525 13 KB
13 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/poster.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d7061f04a3dc0a49b3e7a73669309cd522b3698ef7f565aa20ab5ff3b804f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866173/20210811021353457/index.html?e=69&leftOffset=0&topOffset=0&c=q9R89NR36B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 09:13:53 GMT
server: sffe
age: 81085
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13587
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:56:33 GMT

GET
H/1.1

206
Partial Content

file.mp4
r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,id,ip,ipb... Frame 6525
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/id,itag,source,ratebypass,m...
https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,i...

3 MB
3 MB

51ms
36ms

Media
video/mp4

2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6EFD05F2D1B01752B8A7801135A89A88C8C00298.5BE816D3E0EDFD2BB6ABED802C7959393BEBBC2E/key/cms1/cms_redirect/yes/mh/Vb/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1630398033/mv/m/mvi/2/pl/47/file/file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2f0b65a8bf0d9afbdec310c286b95197579f7787041c857c1ee7bfe8437f1844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Aug 2021 09:11:33 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2936784/2936785
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2936785
Expires: Tue, 31 Aug 2021 08:27:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f8a2af1e9141c2e9/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3773121477/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6EFD05F2D1B01752B8A7801135A89A88C8C00298.5BE816D3E0EDFD2BB6ABED802C7959393BEBBC2E/key/cms1/cms_redirect/yes/mh/Vb/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1630398033/mv/m/mvi/2/pl/47/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 681
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B61 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:08:26 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 36E4 2 KB
1 KB 338ms
61ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.24h.com.vn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 31 Aug 2021 08:27:58 GMT
Connection: keep-alive

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C6D3 38 KB
14 KB 332ms
56ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.24h.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=41461
expires: Tue, 31 Aug 2021 19:58:59 GMT
date: Tue, 31 Aug 2021 08:27:58 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 632E 281 B
554 B 320ms
48ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: image-us.24h.com.vn
URL: https://image-us.24h.com.vn/upload/24h_js_library/prebid3.27.1_24h_us.js?v=20200410
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.24h.com.vn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.24h.com.vn/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Aug 2021 08:27:58 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame B108 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:08:26 GMT

GET
H2 200 dc_oe=ChMIi_7i0Ova8gIV9gPTCh3b6A3HEAAYACDe4qhKQhMI3fXZz-va8gIVnYp3Ch2p9Agq;met=1;&timestamp=1630398478369;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 1EF1 42 B
107 B 190ms
70ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIi_7i0Ova8gIV9gPTCh3b6A3HEAAYACDe4qhKQhMI3fXZz-va8gIVnYp3Ch2p9Agq;met=1;&timestamp=1630398478369;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIjPPi0Ova8gIVyD_TCh1QegmrEAAYACDe4qhKQhMI2vXZz-va8gIVnYp3Ch2p9Agq;met=1;&timestamp=1630398478370;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 2436 42 B
515 B 189ms
70ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjPPi0Ova8gIVyD_TCh1QegmrEAAYACDe4qhKQhMI2vXZz-va8gIVnYp3Ch2p9Agq;met=1;&timestamp=1630398478370;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30F5 42 B
64 B 24ms
24ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuX-RfT-iDAtVUQJMyiSxRMLmk5OHGQNE6uFTlUEbo5ymHJMcNAg3w50pHG3mKBnydqlwZ3rAjlLms--zAsaK7H18kRPYfJ6CMJ1RTSzidKKGpfe35Knh6jKzzV0_A9-prLfF5Lw15B329lrb3W9ox&sai=AMfl-YQTETPBWbgWyQbXI9l3rusMMHPhHM9oswnOVr5Iz8v2O6-h1Op9t-lE_T-G7K0uQlQAZmH8CFDY9qif7B-ADzzA0htQruuHiAOAJ2pn9ICwsJZyy4hFtoXsHkd_uYBb&sig=Cg0ArKJSzPA4gvhwiNlSEAE&id=lidar2&mcvt=1002&p=50,1307,650,1467&asp=50,1307,650,1467&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3857202617&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630398476561&rpt=736&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 86FA 42 B
64 B 23ms
23ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiSCgerQSgEQRtk_ampmirlmH8MH6rQzLFG4lqIeZ9hgYj-t9MzNs05L-RDHA7x0yike5Q7eXNJdD4ZNl5hjim85elYL7-ViIosT0LvRpdomiJxvCz7X96AjdvKYHE8JRmlq1yg2XSP9wcz4Kh4Nct&sai=AMfl-YRNSxHSVtt--5ftSPwnE0F4sasi1oH5J6jNA04P4SloDzQxYy9KAyOa9kFRr_YTnhSUT66EmVt77Fv7Z4OWQTdPOKiaIJH91Jw6nizeY2hePJCevtvF4tC9uvROXDQa&sig=Cg0ArKJSzA1FosGb97TeEAE&id=lidar2&mcvt=1000&p=50,133,650,293&asp=50,133,650,293&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2677203017&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630398476552&rpt=826&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 632E 31 KB
10 KB 53ms
52ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 55a56f73a3a80cdb4cb0526e3ee3e9af1e17752219178fba21f473b7b5e106e7

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=42795
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Tue, 31 Aug 2021 20:21:13 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C6D3 4 KB
4 KB 164ms
55ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69027184&p=157376&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a6b9107019951fda6d350e06326b64e2809d9e26dd1c23b3a85bf448e8312e77

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:56 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame EFD7 1 KB
3 KB 202ms
82ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ba8e3ce311d49c093568213dce2b0be9607e3cc039d74ede7c01cbfd1ba107d4

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=297; CMST=YS3oDWEt6A0A; CMID=YS3oDV8MWkkQN3VLOFgngAAA; CMPRO=1845; CMRUM3=2d612de80d2760CAESEMtZE-IRtrA80uIbV1J_fOs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|46|188|111|40|51
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1458
Expires: Tue, 31 Aug 2021 08:27:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:58 GMT
Connection: keep-alive
Set-Cookie: CMID=YS3oDV8MWkkQN3VLOFgngAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 08:27:58 GMT CMPS=297;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 08:27:58 GMT CMPRO=1845;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 08:27:58 GMT CMST=YS3oDWEt6A4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 08:27:58 GMT CMRUM3=33612de80e05a0&6f612de80e05a0&f1612de80e05a0&27612de80e0b40&2e612de80e05a0&28612de80e05a00&bc612de80e05a00&2d612de80d2760CAESEMtZE-IRtrA80uIbV1J_fOs&e6612de80e2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 08:27:58 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 632E 284 B
536 B 222ms
57ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 42DE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE

35 B
467 B

39ms
38ms

Document
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 31 Aug 2021 08:27:58 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=7616102259481055111; expires=Sat, 30 Oct 2021 08:27:58 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 31 Aug 2021 08:27:58 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Thu, 30 Sep 2021 08:27:58 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D35D
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8976707504614790935

42 B
210 B

152ms
61ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8976707504614790935
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8976707504614790935
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE; chkChromeAb67Sec=1; DPSync3=1630454400%3A174%7C1631577600%3A197_219_201; SyncRTB3=1631577600%3A220_3_8_161_56_54_166_55_21_22_13_7_71_81%7C1630972800%3A223_2_15%7C1631664000%3A35%7C1632960000%3A203%7C1631232000%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 31 Aug 2021 08:27:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-8976707504614790935; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 08:27:58 GMT; path=/ PugT=1630398478; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 08:27:58 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 08:27:58 GMT; path=/
x-lat: lhrpug007:0:402
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8976707504614790935
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 30DC 43 B
338 B 179ms
60ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 31 Aug 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1427
date: Tue, 31 Aug 2021 08:27:58 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F68D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002508142491728012

42 B
210 B

115ms
60ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002508142491728012
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002508142491728012
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE; chkChromeAb67Sec=1; DPSync3=1630454400%3A174%7C1631577600%3A197_219_201; SyncRTB3=1631577600%3A220_3_8_161_56_54_166_55_21_22_13_7_71_81%7C1630972800%3A223_2_15%7C1631664000%3A35%7C1632960000%3A203%7C1631232000%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 31 Aug 2021 08:27:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-7002508142491728012; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 08:27:58 GMT; path=/ PugT=1630398478; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 08:27:58 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 08:27:58 GMT; path=/
x-lat: lhrpug015:0:608
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 31 Aug 2021 08:27:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=7002508142491728012; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002508142491728012

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 1847
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbVdrN0NXOUFBQUJfdTBNU2p2dw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABmWk7CW9AAAB_u0MSjvw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

187ms
61ms

Document
image/gif

185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABmWk7CW9AAAB_u0MSjvw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Tue, 31 Aug 2021 08:27:59 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABmWk7CW9AAAB_u0MSjvw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FOqDFbzxS6KBvuOPMzp77g%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

58ms
58ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=82949
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 01 Sep 2021 07:30:27 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b1a2612d-e80e-4100-9bae-c4c66f8e154e

0
48 B

168ms
52ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b1a2612d-e80e-4100-9bae-c4c66f8e154e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 31 Aug 2021 08:27:58 GMT
Server: MT3 3865 cc0e612 master zrh-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b1a2612d-e80e-4100-9bae-c4c66f8e154e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 31 Aug 2021 08:27:57 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame C6D3
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE
https://spl.zeotap.com/?zdid=1332&zcluid=e989e6dd4163b40f
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7354ac79-425a-48d2-75f6-1e8d9c3ef776&reqId=bd2acbeb-9406-4c99-6ab2-ca3f93be5cbb&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEPxwctu_WXmvSodlrk0gHmU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7354ac79-425a-48d2-75f6-1e8d9c3ef776&reqId=bd2acbeb-9406-4c99-6ab2-ca3...

95 B
164 B

60ms
59ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEPxwctu_WXmvSodlrk0gHmU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7354ac79-425a-48d2-75f6-1e8d9c3ef776&reqId=bd2acbeb-9406-4c99-6ab2-ca3f93be5cbb&zcluid=e989e6dd4163b40f&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6874e1feaa1dc303-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEPxwctu_WXmvSodlrk0gHmU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7354ac79-425a-48d2-75f6-1e8d9c3ef776&reqId=bd2acbeb-9406-4c99-6ab2-ca3f93be5cbb&zcluid=e989e6dd4163b40f&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTRFQTgzMTUtQkNGMS00QkEyLTgxQkUtRTM4RjMzM0E3QkVF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
342 B

193ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:443
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGaGtuafjs5uHMp-GlyhxKQ&google_cver=1

42 B
281 B

195ms
61ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGaGtuafjs5uHMp-GlyhxKQ&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:408
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGaGtuafjs5uHMp-GlyhxKQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C6D3 43 B
611 B 159ms
48ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 30 Aug 2021 08:27:58 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2351937589411359512

42 B
235 B

136ms
61ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2351937589411359512
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:1015
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2351937589411359512
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0da3612d-e80e-4300-bb42-20aeefb3d79b&gdpr=0&gdpr_consent=

42 B
339 B

92ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0da3612d-e80e-4300-bb42-20aeefb3d79b&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:639
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 31 Aug 2021 08:27:58 GMT
Server: MT3 3865 cc0e612 master zrh-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0da3612d-e80e-4300-bb42-20aeefb3d79b&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 31 Aug 2021 08:27:57 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b5763dac-8bcb-4a4c-9ba9-63576ee6b8fc

42 B
294 B

60ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b5763dac-8bcb-4a4c-9ba9-63576ee6b8fc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:308
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b5763dac-8bcb-4a4c-9ba9-63576ee6b8fc
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8932400768138574318&gdpr=0&gdpr_consent=

42 B
290 B

188ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8932400768138574318&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:423
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:58 GMT
X-Proxy-Origin: 185.236.42.205; 185.236.42.205; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0ab67369-2c39-417d-868f-e0c2f58a7ae4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8932400768138574318&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cQkbjlZE2uVB2sQYg8J2DuG2n7hRNz8-~A&gdpr=0&gdpr_consent=

0
260 B

138ms
52ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cQkbjlZE2uVB2sQYg8J2DuG2n7hRNz8-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 31 Aug 2021 08:27:58 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cQkbjlZE2uVB2sQYg8J2DuG2n7hRNz8-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 14EA8315-BCF1-4BA2-81BE-E38F333A7BEE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C6D3 43 B
841 B 107ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/14EA8315-BCF1-4BA2-81BE-E38F333A7BEE?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ncr_iWbD_Ysuz_XVMJ3g1GWfqdwunfyMZc664BLM

42 B
272 B

60ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ncr_iWbD_Ysuz_XVMJ3g1GWfqdwunfyMZc664BLM
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:59 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:769
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ncr_iWbD_Ysuz_XVMJ3g1GWfqdwunfyMZc664BLM
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4fb2e809-de1b-4efd-9dbe-b2efea4e081b
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4fb2e809-de1b-4efd-9dbe-b2efea4e081b
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=240d30d9-8143-44b1-b4ed-823341d48115&user_group=1&ssp=pubmatic&bsw_param=4fb2e809-de1b-4efd-9dbe-b2efea4e081b
https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=240d30d9-8143-44b1-b4ed-823341d48115&user_group=1&ssp=pubmatic&bsw_param=4fb2e809-de1b-4efd-9dbe-b2efea4e081b
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=113f68bc-cb2a-430a-aec4-739d3bf4c32f&gdpr=&gdpr_consent=&gdpr_pd=

1 B
259 B

60ms
60ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=113f68bc-cb2a-430a-aec4-739d3bf4c32f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:28:00 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:445
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=113f68bc-cb2a-430a-aec4-739d3bf4c32f&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 31 Aug 2021 08:28:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7913675282213420984&gdpr=0&gdpr_consent=&us_privacy=

1 B
187 B

61ms
61ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7913675282213420984&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:369
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7913675282213420984&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS3oDwAEFFlglgAC&gdpr=0&gdpr_consent=&_test=YS3oDwAEFFlglgAC

1 B
394 B

66ms
59ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS3oDwAEFFlglgAC&gdpr=0&gdpr_consent=&_test=YS3oDwAEFFlglgAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:59 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:1315
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:59 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630398479.173344,VS0,VE0
x-served-by: cache-fra19148-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS3oDwAEFFlglgAC&gdpr=0&gdpr_consent=&_test=YS3oDwAEFFlglgAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame C6D3 0
104 B 114ms
65ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=14EA8315-BCF1-4BA2-81BE-E38F333A7BEE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
204 B

61ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:59 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:485
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6D3
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f26c7199-64cf-40f6-b98e-692c3493277e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
188 B

60ms
59ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f26c7199-64cf-40f6-b98e-692c3493277e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:28:00 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:677
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f26c7199-64cf-40f6-b98e-692c3493277e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 31 Aug 2021 08:28:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame EFD7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS3oDV8MWkkQN3VLOFgngAAABzUAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS3oDV8MWkkQN3VLOFgngAAABzUAAAIB&dcc=t

43 B
645 B

123ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS3oDV8MWkkQN3VLOFgngAAABzUAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:59 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VMC1VDBZXMZ2W91NV5RR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:59 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9Z66JWP3YQSW7CJFWEJ0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS3oDV8MWkkQN3VLOFgngAAABzUAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame EFD7 70 B
264 B 116ms
66ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame EFD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS3oDV8MWkkQN3VLOFgngAAABzUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPHI6ZXZu6_mO-EVMHGwbkU&google_cver=1

43 B
315 B

71ms
70ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPHI6ZXZu6_mO-EVMHGwbkU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 31 Aug 2021 08:27:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPHI6ZXZu6_mO-EVMHGwbkU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame EFD7 0
0 1147ms
47ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame EFD7 0
88 B 514ms
128ms Image
text/plain 52.45.16.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.16.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-16-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame EFD7 0
330 B 38ms
37ms Image
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
x.bidswitch.net/ Frame EFD7 43 B
146 B 1148ms
48ms Image
image/gif 18.195.184.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.184.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-184-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 08:27:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame EFD7 43 B
425 B 60ms
60ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YS3oDV8MWkkQN3VLOFgngAAA%261845
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:27:58 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3071
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 09:19:09 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 2344
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

120ms
119ms

Document
text/html

18.233.75.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.24h.com.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.75.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-75-25.compute-1.amazonaws.com
Software: /
Resource Hash: 1f0790ace504976bc5566428633b6e2b0de71ccbccd589a7957d0b15f1bc0664

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=d9e4a908-e83f-4d38-a05c-ef74bed200b8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Tue, 31 Aug 2021 08:28:00 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Tue, 31 Aug 2021 08:28:00 GMT
pragma: no-cache

Redirect headers

date: Tue, 31 Aug 2021 08:28:00 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=d9e4a908-e83f-4d38-a05c-ef74bed200b8; Path=/; Domain=eqads.com; Expires=Wed, 01 Dec 2021 08:28:00 GMT; Secure; SameSite=None

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2436 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubByjg2-MLtXyO-OSc7elobuzon3u5pFPU_x9T_X7jEZSQgEajNKprmBcoXqggk-zAsdSoFZTJp_Td9EYOZN8s1UgrZ_EiPp2tUwDTaN9-ohpm&sai=AMfl-YRS-5TOlOypSC0Sn0lTUjoy6fhehHLxMN2kironbzn43mlD9r_LDPBYGPPlRf9DO6Xg3ELN-U_aUGkxUBMz7-bD3YR4bVTHs3T47coyjDzIK1S4F7cwG98yhhVFqd-s&sig=Cg0ArKJSzMrcHFCfdep8EAE&cid=CAASFeRomT6tqLKxzlZyyN-_6z6-DQ_72g&id=lidar2&mcvt=1001&p=74,1002,324,1302&asp=74,1002,324,1302&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=122703086&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630398476515&rpt=1238&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1EF1 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKu_f7N6V2LKaitfy-Kmq3eqBixDkEzKNV5GA_CYAl-jl1KRyZby8uBQZZ1hQsBJObkRUUv9EacQTEolD6SBoE4Tzj8N6YRxl25ZCHTqftoi52&sai=AMfl-YQm3jT883MLMeRqiRPkbunXbgNVRQ9Q-xpbn0tmFAHUFy4C4P4CZekw0JiwVKtPrKyf3MMqx0itExR7bYd3EzSD0MOcFpy9pE31JTJH4S8belmk0KaWMqHjDJUjviqe&sig=Cg0ArKJSzI6mT-CUyZUtEAE&cid=CAASFeRojwfAhS5FwZOpHYaddJw-D8rx5g&id=lidar2&mcvt=1001&p=610,316,860,616&asp=610,316,860,616&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3771264079&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630398476482&rpt=1345&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 08:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1EF1 43 B
301 B 130ms
130ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=791812&asId=9357ac0a-5fca-b60c-45ed-cd30377541e8&tv=%7Bc:mRkbvA,pingTime:-10,time:1589,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1630398477906%7C%7C2b7cd06cf101212c55983ff69fcc252c%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7C0ae1096446612bc72eecaa846398938d%7C%7Ccbd355b406075b0f8acbb98b54026de8%7C%7C20fcf75d26ebea1090bbedf90429e6f1%7C%7C8680e4d92b9b41b3b431b80ed1ce30aa%7C%7C4ea6dc8038879d44b346a6f66a23fbbc%7C%7C1629390669,im:%7Bpci:%7Btdr:540%7D%7D,sca:%7Bspg:6e79a47e-b8d3-530c-fd13-d58616e08b2b%7D,env:%7Bgcd:%7Bappl:na,cnst:na,glbl:na,mtdt:undefined%7D%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:27:58 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 hit.gif
visitanalytics.userreport.com/ Frame 6701 43 B
497 B 59ms
58ms Image
image/gif 13.224.93.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitanalytics.userreport.com/hit.gif?event=iv-inview&f=yes&t=GSKdcm-c26285222-p311351245&env=j&i=no&aid=504056341&pid=311351245&cid=155857246&sid=4721937&rid=156225248&rnd=tssxi8y1t2&v=1b&med=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 26822
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-cache: Hit from cloudfront
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
server: AmazonS3
date: Tue, 31 Aug 2021 04:21:36 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: hWCl8HSri-mTKirQ6zwoUIKmzoAl_3C0VaNXHNAS3tmYxPVph10ZBg==
expires: 0

GET
H2 200 hit.gif
visitanalytics.userreport.com/ Frame A588 43 B
496 B 58ms
58ms Image
image/gif 13.224.93.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitanalytics.userreport.com/hit.gif?event=iv-inview&f=yes&t=GSKdcm-c26285222-p311351245&env=j&i=no&aid=504056341&pid=311351245&cid=155857246&sid=4721937&rid=156225248&rnd=ytq9zbekqb&v=1b&med=https%3A%2F%2F06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 26822
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-cache: Hit from cloudfront
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
server: AmazonS3
date: Tue, 31 Aug 2021 04:21:36 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: R12racsvVUzfk8F9COc9cfaG1c4cGSVkzS4gMEt6MnBfQRiVsKdGPA==
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2344
Redirect Chain

https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d9e4a908-e83f-4d38-a05c-ef74bed200b8&expiration=1638347280
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d9e4a908-e83f-4d38-a05c-ef74bed200b8&expiration=1638347280&C=1

43 B
1022 B

93ms
92ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d9e4a908-e83f-4d38-a05c-ef74bed200b8&expiration=1638347280&C=1
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:28:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 08:28:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 08:28:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d9e4a908-e83f-4d38-a05c-ef74bed200b8&expiration=1638347280&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 326
Expires: Tue, 31 Aug 2021 08:28:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.24h.com.vn/	1970-01-19 20:54:44	Name: adBFlag Value: disabled
www.24h.com.vn/	1970-01-25 20:31:23	Name: v_arr_back_page Value: %22%u1123%u0444%u300B%u835D%u0800%u02C4%5Cu0000%22
.www.24h.com.vn/	1970-01-23 06:41:45	Name: profile24hUid Value: 0c86130cdca1a0796085d3873c357c54
www.24h.com.vn/	1970-01-25 20:31:23	Name: itemp_pr_2015_4t2_45 Value: %22%u1120%u4646%u4000%22
.24h.com.vn/	1970-01-20 06:14:54	Name: __gads Value: ID=cdae3c8c767d008e-222da9f0e4c80058:T=1630398475:S=ALNI_MaTxxAneZ8pjAPLndQqov_9GAukFg
www.24h.com.vn/	1970-01-25 20:31:23	Name: ngay_xem_video_45 Value: %22%u1122%u0444%u3006%u8310%u4802%uD080%uB388%uD266%u8000%u8610%22
.24h.com.vn/	1970-01-19 20:53:18	Name: _gat Value: 1
www.24h.com.vn/	1970-01-25 20:31:23	Name: data_clientid_user Value: %22%u1121%u0444%u3006%u8036%u0830%u3583%u4038%u01C4%u8010%uE402%u1721%u0CC5%u01C8%u1840%u7480%uE815%uC026p%C0%u1320%u1066%uB915%u51C1%5Cu0000%22
www.24h.com.vn/	1970-01-25 20:31:23	Name: expire_user_segment_set_target Value: %22%u1124%u0644F%uC400%22
www.24h.com.vn/	1970-01-25 20:31:23	Name: so_url_link_page Value: %22%u1123%u0444%u5D0B%u8002%u3C40%22
www.24h.com.vn/	1970-01-25 20:31:23	Name: data_user_segment_set_target Value: %22%u1125%u0B64K%uC400%22
www.24h.com.vn/	1970-01-25 20:31:23	Name: __storejs_expire_mixin_expire_user_segment_set_target Value: 1630484875072
www.24h.com.vn/	1970-01-25 20:31:23	Name: data_user_type Value: %22%u1122%u0B64%u31048%u5036%u8330%u38C6%u8084%u0204%u2018%uE0A3%u1703%u90E8%u21C8%u4301%u0604%u01B0C%u8010%uB200%u1098%u301A%u20E0%u1782%u501A%u0770%u1814%u0BA0%uCC07%u8203%u2600%uB9C8c%u2074%5Cud802%uEA02%u01E8%u0183%u6043%u3880%5Cu001b%u0139%u7600%5Cu000e%u0400%22
www.24h.com.vn/	1970-01-25 20:31:23	Name: lan_xem_video_trong_ngay_45 Value: %22%u1132%5Cu0000%22
www.24h.com.vn/	1970-01-25 20:31:23	Name: __storejs_expire_mixin_data_user_segment_set_target Value: 1630484875070
www.24h.com.vn/	1970-01-25 20:31:23	Name: pageCookie Value: %22%u1120%u0684F%uC400%22
www.24h.com.vn/	1970-01-25 20:31:23	Name: __storejs_expire_mixin_data_user_type Value: 1630484875058
www.24h.com.vn/	1970-01-25 20:31:23	Name: __storejs_expire_mixin_data_clientid_user Value: 1630484875074
.24h.com.vn/	1970-01-20 06:14:54	Name: cto_bundle Value: 6d_QHl9ETW9uY3JXYm9ySTJUV2xhVUVMTUx2Z0FnRzcyNDRNRWNlS1RHQ1N1djZxOG1ZQnd4VmE0WDZnNG9qbFclMkJ0WlZ2OU5aWXNxU0tmajZnOUlXSUNaOHBOQ0VpOUVSdWp5UldLUSUyRkRvckI2ZFMlMkI3VW1RZHRQcmhLWmFlSEgzR1E5bA
.24h.com.vn/	1970-01-19 20:54:01	Name: NEW_FOOTBALL_INTERFACE Value: 9

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: options: [object Object]
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: OPTS: [object Object]
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: NaN
console-api	log	URL: https://www.24h.com.vn/(Line 202) Message: CLIENT ID GA4: 1065341481.1630398472
console-api	log	URL: https://www.24h.com.vn/(Line 2539) Message: clientId user from storage:
console-api	log	URL: https://www.24h.com.vn/(Line 2568) Message: lay lai ma ga4 :1065341481.1630398472
console-api	error	URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1) Message: Choice CMP v1 is deprecated, please upgrade to Choice CMP v2. https://help.quantcast.com/hc/en-us/articles/360057828994-Quantcast-Choice-Deprecates-TCF-v1-1-version-with-holistic-move-to-TCF-v2-0
console-api	error	URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: DATA : undefined :
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: getOS: Windows
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: getOS: Windows
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: FONTS: Andale Mono,Arial,Arial Black,Bauhaus 93,Bitstream Vera Sans Mono,Bitstream Vera Serif,Bodoni 72,Bodoni 72 Oldstyle,Bodoni 72 Smallcaps,Bookshelf Symbol 7,Calibri,Cambria,Comic Sans MS,Courier,Courier New,English 111 Vivace BT,Georgia,GeoSlab 703 Lt BT,GeoSlab 703 XBd BT,Helvetica,Humanst 521 Cn BT,Impact,Lohit Gujarati,Modern No. 20,MONO,Sawasdee,Times,Times New Roman,Trebuchet MS,Univers CE 55 Medium,Verdana,Wingdings 2,Wingdings 3
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: HASH::: d329f98f5ff046bed3146663d0f76a3b
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: component: 1.33,false,24,-120,Windows,10,false,amd64,Andale Mono,Arial,Arial Black,Bauhaus 93,Bitstream Vera Sans Mono,Bitstream Vera Serif,Bodoni 72,Bodoni 72 Oldstyle,Bodoni 72 Smallcaps,Bookshelf Symbol 7,Calibri,Cambria,Comic Sans MS,Courier,Courier New,English 111 Vivace BT,Georgia,GeoSlab 703 Lt BT,GeoSlab 703 XBd BT,Helvetica,Humanst 521 Cn BT,Impact,Lohit Gujarati,Modern No. 20,MONO,Sawasdee,Times,Times New Roman,Trebuchet MS,Univers CE 55 Medium,Verdana,Wingdings 2,Wingdings 3
console-api	log	URL: https://www.24h.com.vn/(Line 2522) Message: set NEW_FOOTBALL_INTERFACE 2: 9
console-api	log	URL: https://www.24h.com.vn/(Line 2589) Message: data_user_segment_set_target:
console-api	log	URL: https://static-us.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js(Line 2) Message: saveToStore get data of key profile24hUid: 0c86130cdca1a0796085d3873c357c54
console-api	warning	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: VIDEOJS: WARN: A plugin named "reloadSourceOnError" already exists. You may want to avoid re-registering plugins!
console-api	warning	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api	warning	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api	warning	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api	log	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: adBlockCheckedStatus: false
console-api	log	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: adBlockEnabled: undefined
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.24h.com.vn/
console-api	log	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: adBlockCheckedStatus: false
console-api	log	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: adBlockEnabled: undefined
console-api	log	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: adBlockCheckedStatus: false
console-api	log	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: adBlockEnabled: undefined
console-api	log	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: adBlockCheckedStatus: true
console-api	log	URL: https://static-us.24h.com.vn/js/24hplayer-drm.min.js?v=103231082021(Line 2) Message: adBlockEnabled: false
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.12.js(Line 32) Message: a: 0.001953125 ms
console-api	log	URL: https://static-us.24h.com.vn/js/common_092018_pc.min.js?v=103231082021(Line 1) Message: ads-not-delivery:ADS_143_15s
console-api	log	URL: https://static-us.24h.com.vn/js/common_092018_pc.min.js?v=103231082021(Line 1) Message: ads-not-delivery:ADS_143_15s
console-api	log	URL: https://static-us.24h.com.vn/js/common_092018_pc.min.js?v=103231082021(Line 1) Message: ads-not-delivery:ADS_143_15s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06c2fbeeb8ae49b4163c34d4fd90e28c.safeframe.googlesyndication.com
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
analytics.google.com
anh.24h.com.vn
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image-us.24h.com.vn
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prg3431.smartadserver.com
pubmatic-match.dotomi.com
quantcast.mgr.consensu.org
r2---sn-4g5edn6r.c.2mdn.net
r2---sn-4g5lzned.c.2mdn.net
rtb-csync.smartadserver.com
rtb.adentifi.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
search.24hstatic.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static-us.24h.com.vn
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
thongke.24h.com.vn
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
visitanalytics.userreport.com
www.24h.com.vn
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.151.240.80
104.117.200.100
104.244.36.20
125.212.247.127
125.212.247.143
13.224.90.44
13.224.93.66
13.224.93.91
142.250.184.194
142.250.185.194
142.250.185.66
142.250.186.66
151.101.14.49
159.253.128.183
159.65.196.12
178.250.0.157
178.250.0.163
178.250.0.165
18.156.0.31
18.195.184.159
18.233.75.25
185.29.132.245
185.33.221.52
185.33.221.53
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.86.137.32
185.86.138.144
2.18.233.180
2.18.234.21
2.21.111.28
2001:678:cb4:bbbb::11
213.155.156.165
2600:9000:2190:2800:9:46dc:4700:93a1
2606:4700:10::ac43:db6
2a00:1288:110:c305::8000
2a00:1450:4001:13::7
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:801::2006
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:4001:e::7
2a00:1450:400c:c06::9c
2a00:1450:400c:c06::9d
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:16::1370
34.253.169.181
35.210.53.219
37.157.2.236
51.222.80.231
52.215.67.233
52.45.16.192
52.46.130.91
54.76.195.222
64.185.232.226
66.155.71.150
69.173.144.138
69.173.144.140
74.125.140.155
76.223.111.131
85.114.159.118
85.217.188.5
91.228.74.198
0041fcb49da432124970173cfde018bad4a73faedba9cbc21df0afd972606356
03bef2b68f432b1ac2abffe1a4ce55d98a9ef106e707c4e3a2c1f7473b228de8
045a9c71ac8cedba3153b0769c8d79f3790a0d641769920211b77190f2b65277
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fca24bed8d7aa6e909b084c4a51d8e89f6460ef7468c949f9ff32838be8cf2
0acb3da9feb2ed6b5b5e0a83ae35a3926abd791ea8ce38daa0f203919cb63612
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bef7351617f59a231fe41b3a6cd8ba987f3ff8631012c2d6d2b4461fbab5e22
0f3d167834148c19be718ee0d51f0e92d21b8ab028a14621377734602bffa5d0
10627e291b8859a483624b20554fd136ce6015af310ac5b9395411e40d77100f
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141487852a934a148b8e436c41d14938aac3738d764a13652fa8b3835a00785c
1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb
153d12fce38abac81f770159e305a57f543693bbd70e5a53512bddb37404cee9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a8a8366743aedf72a70cb7fc900bda1ef792d448b1cbbd1f36cf6c45aaa1dfa
1bc1f5bf62f5d098fc73ef2b4008f8c3c14a19526d8d05a3ec27a8c7cf82e02e
1d1651d91488d8e6357d29c08174475d886c695a2a9101ab4c73efd0137ad3ef
1f0790ace504976bc5566428633b6e2b0de71ccbccd589a7957d0b15f1bc0664
200bab94b898cd8f4a89b2ab0ba5f4e820b946d1892ea35149e666586da42f2c
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
29e1b7c554c23ba599647a42f55ad4e749849e2dc56233b22bf5e6169a912d23
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2f0b65a8bf0d9afbdec310c286b95197579f7787041c857c1ee7bfe8437f1844
2feb08ef4da323ce4101347997ccf881d4bd6c6a2a28d78deadd7f27a745cbcd
329a2c389a4b4990cfbfb27a920eb8f4d520d139b84c872c7f29f3e36fcb5d13
33c60cc93fb570ad02bf48fbab6e1e4552feb8d0d5347e1b43c6bc1101246d83
34c7fc7b2339c77b969ee3e0b5740e7498f23ad9e7dddf25a88dc6398a5dc92b
3679d93f32c8a4019b71cd695be75acfcb43ef2ec7c728e45477a379909be8cd
3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7
39851aa09105af84ffceec77932708e326e2d21c834ac9eb78c0d7b24de2db3e
3aa6ff8300b6e0153a8ea3c49b882f29c32fc31c7823ce23846074fac28ab858
3c43eebd87cf46dbbcff6837ad3e4c214d23754e2a4e776a997106aaf711a2e0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edac33045fe1c4b6c03f53f611163aab2cec88da4a3d06ade899cff2159acf1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43001b47ca47d87ec329f7c560ea87e8957d65d599932b6c8a08a5f676fa05f7
44027947ef57143d3ca886ebcaf1ccd676e3877166989831f6c7ae79270a3864
444b7093c4659b81a6d74b548adf693505a2e7930e2e31106092cfd7e76f5488
4533da4b200a6331236bdd8faba8c9ec8505e5cb8b6a94991f7e04a92a819f82
4670fa0970687a6af5907fce5830bf72ab3bc3b472e1900db33696d9416b78fa
47362f03763fafea173fabaa570f4054c7931e5f8d1e6f6daa2b08cafae41cd3
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
485fe71815a4c4825230c3d726a07fff2a848f872cec034d2477bbf2d008f7a8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eea50849113bc18064adb96f63b7a0d546acd764748ad092e799766f240825e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557922e7c1394227887567b4b11d2271c7041d8c2b9ec8326fc6067d050e9f96
55a56f73a3a80cdb4cb0526e3ee3e9af1e17752219178fba21f473b7b5e106e7
55d1393253ded8e10b66c67f0c62234f6bdbf5da8f15da685fa004d57c2f5717
55d80d0d97eab091d0d2bf11a7fd12b1cda8c5b6733c3b20c6ce1f8449a8ff71
56d57898e63e91f26ae4f5e548ce001d42770c6c9901e23e8dc9260f27ca2dac
572c0c661d5dbe015119d55875babdc8548fe51c8d56414412266d8532674a8e
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
57c9e991dd4be9412a0271944e8603ddf5af25ef262652181d2c2c0129da60ab
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
59a61ff77e1403098b19dd0cd085402a25d832ea434c8dc61d19f72eb1c505f8
5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681
5b5ebec082cb17290eed9104cc87452924b61e8f8c3d72617ff0b0e795830b37
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e2920656d265c3380134c0cfe907be5069b8cf862f76c16cb1b57b5d7f519b3
5ebaa0f9194002e7c8527f312cbd8b5e6c846ec54e4923da4dcb5bc635a42c7d
60ce6370065a632fc70c5e3ae6b9445ddcb67b5f53d8deda6ff652fd06c71c96
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
60f1a901e0dd1b526a19d1e3e310c6588c0915d5aa3467d3c2d965dc4824c2ff
619e2a31add3dd54577e508f26e1df919bbba4dde01fc453fb4f16f18023e3f9
62bce39cbbf76e49c475f31029efa2d5cc8c4bde4417f76cec3acc613d215ac3
630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd
652e9bb1be6ed1bc89cbaa2b34d5b65daa8f6bc2d04f369a9ed32a95792fabd3
686747a56dcd11c85427011faec4c07895a0dad0ade73aa0e44f51e362731f04
706c00a20b498d0d30f955a78ffa5d102aeae35b304f85155bed18b05dc5d379
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76040defede86743c048e3eee87635a3e9aac6e8e7052e681656eb84c2099d70
78bfd92cbc59bc0df590128e3d526aba12041641802f4a70fa46072d92d3f0e0
7aa3edd457d03ef9369a8500e6ce97a95e33f66e4de8ba161763cf75a5adf01d
7c09397ce7a8b68a099dae0693d861248af20d890a7cd0fb879e6c42ea1c8683
7cc25d33b590c2c5501eecfc82f9a7084f5d2a4f6addecd75f3b663f5bb188f8
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
80766b07504ff14ee113f87bbade39ac042d74d432879a32e3d924604a85e4bd
82b619cbf3a19f241d38f222b0993708ab553b65f47b8d82e328506e5d00a94f
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c8a9a2aa686ef2a0ff0a0aea5ebdd368de93a2eab634b9725c67ed1ebab139f
8cd323190d64933d26fde865c63aff98528381cb6187df13adcaf19a19847603
8cd6789dc35b6a3e06ec045e51dd94f9451fe7f44f3955926cca65f2d62358c5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ece0016807ca3b1afe020fafb3b035e8277d0422981b858373d0db66e15be0d
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
91f05d7991ceeec212d4415e79f57f7f1d62e3f981040197573287797c28fd5c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
99b160878f31bffec9b08169c51d57229fd5ffe388cd8516a5a3865e1d8c9154
9ae6152a9619f25bc793c62185d1b49df2b21a1bee6b94e8d10c3ed5c74fc686
9b96a5cfdd95b9a9c057b8b25f559fc040ce2f990b994b49f77f89bd8318fbed
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a213f767368669cbb3ba38c4b7619623ebf41c9125107fd1bd7151213af746e1
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a406e8da06f4cb11d23b86b3008959537ae6c1635aba5de32799b88f747bd56c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a552529e3596bdac17af933ccbbb65a44a87b8e6644a51af43f00c8d70251da3
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6b9107019951fda6d350e06326b64e2809d9e26dd1c23b3a85bf448e8312e77
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa27358af7647d155db5acae6ff757208924e86f2d406f0a554efef70bc62c8f
ae7496f9167f527898df98f76e7d3d994ed90cdecf1863577a7b31f847e777c1
af1621ffafde241d841608de3f1890183eca741a876d4417bf279015eed0c2db
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2184da13e51b77d33ef2fca92a0bf375e728cead838a546ad8d873c3acd7ea4
b3a68c679e3ba150c911505427369ff451f8ab758e308c46d958e96d5e10e203
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b67da6c329bc4b715771898ef7979260fae5db6402303bd8eb29d0e7e54dd13e
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8c129096303268581cdb337ab283de2545bc93d0c225543a2463dcf516edd7e
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
ba8a7984d391e116184231350a42902c5119db6dce935192d4983f32080eb974
ba8e3ce311d49c093568213dce2b0be9607e3cc039d74ede7c01cbfd1ba107d4
bb0ed0ceb8eb9c198a734638387c3bccc64bcccbab515e35e703c3ed24aa6369
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
bcb1381647068fd69298ea0b90bcb16b381e833c1a7ebb219c45c29ec094fc01
be7e262ca938c2d20d85be20cd178f5ac039546d5134dcf2c4b256623fd72c2a
c03c35c0522d80ce801580a7ed8677879be8fa7204cba094a503f1701f5253fc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d7061f04a3dc0a49b3e7a73669309cd522b3698ef7f565aa20ab5ff3b804f1
c65f868b7b236688247b9941b8a530222bffb10a67d357358c36a4e3005d085e
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
c783ce843ae6f0f11bfca4ee856adce9d70196f162aec1208ae9ac8d6b7995b9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccb52e2283ca376d6f808c82a4d71954909cb6e36b7459e6491d5a40953ae5a5
cd259efa071c094692605955dc51afbb045bfd30bd51fb39733398c60b07c139
ceaae3fde1f6f58acf9854cf4dc4a2a74280917ca43478380593fa0933dc6762
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2e880c3767b0b93dfb83b4ea13a58d9e7f6b668297dc7b1a9fab72ebf0122cc
d3a76e11164a86988168715d79d85fb20ee0bdcca58f6be00f6578438dfdb682
d422c24b9e7539d4f56c89f2453407179a3c559893bc44ebd29c654bb589578e
d5fe6350b11661d6e0137a09a918c61d25ff5551ffba752c19d8911f7a5884f4
d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90
db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45
ddd3d5f7258994cedb5cb0f8570554722a0614f3ffc4adc4875b18a9d14c5762
ddfb7a6ca0091eceddeaf357dab046f0748d748f599a9c32f1eb77cea863eb32
deda973a736525540477b3eb1167d1b424134c2d2be369a538b10c6c3b82155c
e0aeefcb91f4302844150bf9d5645c6bed7fc7aa7a5e39f52c8e80b53e90edb4
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41665a2b962dc350bbcfb7b52e4090115ecc8c0cc50f876368631069b9b180b
e4992fce0934058f60b2765e3818794f82db0d7b44c6fc04868b0c10a76e7e80
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246
e70171e770823bb81281aa5dfce0689ba5659ee6aa62dfaa7a67add0d3fb22ae
e7848095f245d90e00733a33f7ed3ecf6a43fc7dd4fe9fbc7c4caccff8b710a7
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8cbb2f433b4aad3a188ceaaca11a27a73916ef87f262e9038808687986ce4f8
e8f485d7a4f29552621b4af6cdeff988a88877afa2973fa4ec2dafd476ba2a21
ebe4716a6e7352f7655ae9e5fc8db8bff637886ee3f1e208de7c493c2bb0344b
eceff0e8baa41142171d28465ed7a7a3526cc4d2c8f69b0f13be4937f878252c
ee072a06ad0ab79b8ab10f8238f273815b46d2653ae95e456f92489ec34e261d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f335f1cb8313a9babd360faedfdb1c6c840ed0abdeb6b0679e2e8859a604a123
f3a0b682222b30407a0d3a63896613ef3fab69e58c53822b402e6c687968998e
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f8016bb55b305355bcd79dc17cab8ef57feddad959bed6c84a555469066e9430
fac372bff544beeb15221971f20cf98181d2daabdfdb0a30c7e7065b23c6cdce
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff384f02dd8e8ef48a2a4839deb0d3e9a48d144d3907515705dfde6ec512e566
ff3d1a90882751a47c90967bdbc7a086e7e3e295c4d7caa8bfe53c0e16f2d0f2

www.24h.com.vn Open in urlscan Pro 103.151.240.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

318 Requests

99 %HTTPS

42 %IPv6

46 Domains

90 Subdomains

76 IPs

13 Countries

9350 kBTransfer

14249 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

318 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.24h.com.vn Open in urlscan Pro
103.151.240.80 Public Scan

Screenshot
Live screenshot

Full Image

318
Requests

99 %
HTTPS

42 %
IPv6

46
Domains

90
Subdomains

76
IPs

13
Countries

9350 kB
Transfer

14249 kB
Size

20
Cookies

318 HTTP transactions
5 data transactions