vnexpress.net Open in urlscan Pro
111.65.250.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Submission: On February 02 via manual (February 2nd 2023, 9:21:51 am UTC) from VN — Scanned from DE

Summary HTTP 961 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 136 IPs in 16 countries across 105 domains to perform 961 HTTP transactions. The main IP is 111.65.250.2, located in Viet Nam and belongs to FPTONLINE-AS-VN FPT Online JSC, VN. The main domain is vnexpress.net. The Cisco Umbrella rank of the primary domain is 50125.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on May 31st 2022. Valid for: a year.

This is the only time vnexpress.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	111.65.250.2 111.65.250.2	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
12	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
6	111.65.251.2 111.65.251.2	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
2	99.86.4.3 99.86.4.3	16509 (AMAZON-02) (AMAZON-02)
56	27.126.192.213 27.126.192.213	45474 (NEXUSGUAR...) (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
5 14	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	1.55.119.42 1.55.119.42	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
33	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
9	2606:4700:20:... 2606:4700:20::ac43:4aa0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
9	143.204.215.5 143.204.215.5	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	111.65.249.226 111.65.249.226	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2	180.148.132.197 180.148.132.197	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	111.65.249.224 111.65.249.224	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2	111.65.249.130 111.65.249.130	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2	180.148.136.107 180.148.136.107	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	111.65.249.131 111.65.249.131	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1 3	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
23	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7 49	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	180.148.132.75 180.148.132.75	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
3	111.65.248.197 111.65.248.197	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2	111.65.248.177 111.65.248.177	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
3	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::2001	15169 (GOOGLE) (GOOGLE)
2	2620:100:a005::6 2620:100:a005::6	19750 (AS-CRITEO) (AS-CRITEO)
1	13.227.219.63 13.227.219.63	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
8	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
27	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	143.204.215.89 143.204.215.89	16509 (AMAZON-02) (AMAZON-02)
18 36	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.103.89.173 104.103.89.173	16625 (AKAMAI-AS) (AKAMAI-AS)
18	52.222.139.112 52.222.139.112	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
18	34.254.104.103 34.254.104.103	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	52.222.139.13 52.222.139.13	16509 (AMAZON-02) (AMAZON-02)
1	180.148.134.72 180.148.134.72	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	35.208.216.174 35.208.216.174	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
5	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
18	18.66.23.210 18.66.23.210	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1 6	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2	18.196.123.254 18.196.123.254	16509 (AMAZON-02) (AMAZON-02)
2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
4	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
21	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 6	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6	18.192.227.159 18.192.227.159	16509 (AMAZON-02) (AMAZON-02)
9	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
20	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
15	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
11 15	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 6	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	111.65.248.206 111.65.248.206	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
5	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	180.148.129.21 180.148.129.21	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	111.65.248.229 111.65.248.229	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
13	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
14	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
9	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:5dd2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
10	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
18	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5 5	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
6	209.25.233.254 209.25.233.254	13768 (COGECO-PEER1) (COGECO-PEER1)
4 4	199.127.204.147 199.127.204.147	26120 (RHYTHMONE) (RHYTHMONE)
14 15	35.212.133.238 35.212.133.238	15169 (GOOGLE) (GOOGLE)
2 10	2a05:d018:d29... 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5	16509 (AMAZON-02) (AMAZON-02)
6 6	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	2600:1f1c:a99... 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348	16509 (AMAZON-02) (AMAZON-02)
7 8	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
28	34.107.214.50 34.107.214.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 19	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.2.110.113 8.2.110.113	46636 (NATCOWEB) (NATCOWEB)
5	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
14	34.117.33.6 34.117.33.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 6	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1 34	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 3	54.72.53.159 54.72.53.159	16509 (AMAZON-02) (AMAZON-02)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
9	104.18.36.94 104.18.36.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	74.119.118.138 74.119.118.138	19750 (AS-CRITEO) (AS-CRITEO)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 5	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.86.222.203 52.86.222.203	14618 (AMAZON-AES) (AMAZON-AES)
5 5	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
5 11	54.154.174.88 54.154.174.88	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	157.90.40.26 157.90.40.26	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
2 3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	141.94.161.158 141.94.161.158	16276 (OVH) (OVH)
1 1	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
3	52.50.45.218 52.50.45.218	16509 (AMAZON-02) (AMAZON-02)
2	64.95.96.108 64.95.96.108	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	15.235.15.221 15.235.15.221	16276 (OVH) (OVH)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	104.36.113.68 104.36.113.68	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.245.154.233 34.245.154.233	16509 (AMAZON-02) (AMAZON-02)
1	204.237.133.121 204.237.133.121	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
6 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:1e00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:cb0... 2a02:6ea0:cb00::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
15	52.28.67.171 52.28.67.171	16509 (AMAZON-02) (AMAZON-02)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.20.193.33 52.20.193.33	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.213.67.173 3.213.67.173	14618 (AMAZON-AES) (AMAZON-AES)
4	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a05:d018:cc3... 2a05:d018:cc3:fe04:3cd4:fa83:9893:2f4f	16509 (AMAZON-02) (AMAZON-02)
6 6	35.166.135.198 35.166.135.198	16509 (AMAZON-02) (AMAZON-02)
4 4	52.8.184.151 52.8.184.151	16509 (AMAZON-02) (AMAZON-02)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1 1	50.31.142.63 50.31.142.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	162.19.80.92 162.19.80.92	16276 (OVH) (OVH)
961	136

2 111.65.250.2 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 111.65.251.2 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

s1.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-3.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 27.126.192.213 (Hong Kong)

ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK)

scdn.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1cdn.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-kinhdoanh.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 1.55.119.42 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

octopus-stream01-cads.fpt.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::ac43:4aa0 (United States)

ASN13335 (CLOUDFLARENET, US)

flo.uri.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.215.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-5.fra53.r.cloudfront.net

public.flourish.studio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 111.65.249.226 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

adp.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 180.148.132.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

la2.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.249.224 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

g.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.65.249.130 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

s.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 180.148.136.107 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

la3.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.249.131 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

static.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 37.252.171.85 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.132.75 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

gw.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 111.65.248.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

usi-saas.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.65.248.177 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

ps.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

3a5d6ae81e002caeda0eb340b39787f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0d15eeaaf8e1c7cb9cd5564124c201b6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d9d18169329477829e95730764e80a24.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a005::6 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-63.ams54.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.hb.selectmedia.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:78b (United States) 18 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.103.89.173 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-89-173.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.222.139.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-112.ams50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.hb.selectmedia.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.254.104.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-13.ams50.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.134.72 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

my.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.66.23.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-210.vie50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.233 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.123.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-123-254.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

select-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.52.2.91 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.192.227.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-227-159.eu-central-1.compute.amazonaws.com

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.18.2 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.36.113.107 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.65.248.206 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

a1.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.129.21 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

logperf.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.248.229 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

core.polyad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:5dd2 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.56.137 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.25.233.254 (Los Angeles, United States)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.147 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.212.133.238 (The Dalles, United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: 238.133.212.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.132.241 (United Kingdom) 6 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348 (San Jose, United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.3.20 (Denmark) 7 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 34.107.214.50 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.214.107.34.bc.googleusercontent.com

sm1.selectmedia.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
serv-selectmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.64.154.237 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.113 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

as.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.117.33.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.33.117.34.bc.googleusercontent.com

track-selectmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.155.104 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.72.53.159 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-53-159.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2040 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.118.138 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.94.222.140 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.222.203 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-222-203.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.49 (United States) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.154.174.88 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-174-88.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.40.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.40.90.157.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.223.115 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.161.158 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-1.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.212 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.45.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.15.221 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.68 (United States)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.245.154.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-154-233.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.121 (Ambler, United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.164.11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:1e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:cb00::2 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.28.67.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Norresundby, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.193.33 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-193-33.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.67.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-67-173.compute-1.amazonaws.com

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.71.22 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe04:3cd4:fa83:9893:2f4f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.166.135.198 (Boardman, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-135-198.us-west-2.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.8.184.151 (San Jose, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-184-151.us-west-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Meaux, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.63 (Itasca, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.19.80.92 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 472 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524 dsum.casalemedia.com — Cisco Umbrella Rank: 1385 ssum.casalemedia.com — Cisco Umbrella Rank: 1332	48 KB
67	pubmatic.com 4 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450 image8.pubmatic.com — Cisco Umbrella Rank: 635 image2.pubmatic.com — Cisco Umbrella Rank: 872 ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 733 simage2.pubmatic.com — Cisco Umbrella Rank: 665 aud.pubmatic.com — Cisco Umbrella Rank: 4113 image4.pubmatic.com — Cisco Umbrella Rank: 941 simage4.pubmatic.com — Cisco Umbrella Rank: 1166	101 KB
67	vnecdn.net s1.vnecdn.net — Cisco Umbrella Rank: 101077 s1cdn.vnecdn.net — Cisco Umbrella Rank: 179299 adp.vnecdn.net — Cisco Umbrella Rank: 89913 la2.vnecdn.net — Cisco Umbrella Rank: 94757 la3.vnecdn.net — Cisco Umbrella Rank: 122608 vcdn1-kinhdoanh.vnecdn.net — Cisco Umbrella Rank: 342735 a1.vnecdn.net — Cisco Umbrella Rank: 170042 s.vnecdn.net — Cisco Umbrella Rank: 152298	2 MB
61	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 acdn.adnxs.com — Cisco Umbrella Rank: 534 secure.adnxs.com — Cisco Umbrella Rank: 409	221 KB
56	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 291 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488 s.amazon-adsystem.com — Cisco Umbrella Rank: 271 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902	212 KB
50	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	556 KB
46	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 454 eus.rubiconproject.com — Cisco Umbrella Rank: 537 pixel.rubiconproject.com — Cisco Umbrella Rank: 308 token.rubiconproject.com — Cisco Umbrella Rank: 548 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 900	113 KB
43	googlesyndication.com 3a5d6ae81e002caeda0eb340b39787f7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 0d15eeaaf8e1c7cb9cd5564124c201b6.safeframe.googlesyndication.com d9d18169329477829e95730764e80a24.safeframe.googlesyndication.com	487 KB
39	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1156 bcp.crwdcntrl.net — Cisco Umbrella Rank: 885 sync.crwdcntrl.net — Cisco Umbrella Rank: 757	183 KB
37	gstatic.com fonts.gstatic.com	471 KB
36	btloader.com 18 redirects btloader.com — Cisco Umbrella Rank: 789	119 KB
32	yahoo.com 7 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 816 c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1129 ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	8 KB
28	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 imasdk.googleapis.com — Cisco Umbrella Rank: 432	4 MB
27	serv-selectmedia.com serv-selectmedia.com — Cisco Umbrella Rank: 27402	3 MB
24	openx.net 1 redirects select-d.openx.net — Cisco Umbrella Rank: 38956 adtelligent-d.openx.net — Cisco Umbrella Rank: 26551 eu-u.openx.net — Cisco Umbrella Rank: 2146 rtb.openx.net — Cisco Umbrella Rank: 1634 us-u.openx.net — Cisco Umbrella Rank: 417	5 KB
23	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 948 id5-sync.com — Cisco Umbrella Rank: 389	300 KB
21	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4470 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 75 adservice.google.com — Cisco Umbrella Rank: 70	81 KB
18	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 577 cdn.indexww.com — Cisco Umbrella Rank: 1508	14 KB
18	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 886 trc-events.taboola.com — Cisco Umbrella Rank: 1293 trc.taboola.com — Cisco Umbrella Rank: 639 images.taboola.com — Cisco Umbrella Rank: 1616 am-trc-events.taboola.com — Cisco Umbrella Rank: 18047 pips.taboola.com — Cisco Umbrella Rank: 1489 cds.taboola.com — Cisco Umbrella Rank: 1573 sync.taboola.com — Cisco Umbrella Rank: 919	411 KB
15	bidswitch.net 14 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	7 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 358	326 KB
15	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 388 bidder.criteo.com — Cisco Umbrella Rank: 730 mug.criteo.com — Cisco Umbrella Rank: 2753 dis.criteo.com — Cisco Umbrella Rank: 696 widget.eu.criteo.com — Cisco Umbrella Rank: 21984	11 KB
14	track-selectmedia.com track-selectmedia.com — Cisco Umbrella Rank: 26831	638 B
14	adform.net 8 redirects adx.adform.net — Cisco Umbrella Rank: 4264 cm.adform.net — Cisco Umbrella Rank: 1400 c1.adform.net — Cisco Umbrella Rank: 568	5 KB
14	selectmedia.asia player.hb.selectmedia.asia — Cisco Umbrella Rank: 26701 ghb.hb.selectmedia.asia — Cisco Umbrella Rank: 28702 sm1.selectmedia.asia — Cisco Umbrella Rank: 29199	402 KB
13	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	4 KB
13	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	126 KB
11	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 470	5 KB
11	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9092	4 KB
10	google.de www.google.de — Cisco Umbrella Rank: 5986 adservice.google.de — Cisco Umbrella Rank: 8741	2 KB
10	vnexpress.net vnexpress.net — Cisco Umbrella Rank: 50125 gw.vnexpress.net — Cisco Umbrella Rank: 92288 usi-saas.vnexpress.net — Cisco Umbrella Rank: 89037 ps.vnexpress.net — Cisco Umbrella Rank: 126870 my.vnexpress.net — Cisco Umbrella Rank: 146746 logperf.vnexpress.net — Cisco Umbrella Rank: 104063	85 KB
9	flourish.studio public.flourish.studio — Cisco Umbrella Rank: 31542	246 KB
9	uri.sh flo.uri.sh — Cisco Umbrella Rank: 43881	810 KB
9	eclick.vn scdn.eclick.vn — Cisco Umbrella Rank: 181394 g.eclick.vn — Cisco Umbrella Rank: 124791 s.eclick.vn — Cisco Umbrella Rank: 90370 static.eclick.vn — Cisco Umbrella Rank: 153874	151 KB
7	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 10216 a-prebid.vidoomy.com — Cisco Umbrella Rank: 15196 a.vidoomy.com — Cisco Umbrella Rank: 10343 vid.vidoomy.com — Cisco Umbrella Rank: 2287	21 KB
6	dyntrk.com 6 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1019	2 KB
6	w55c.net 6 redirects pm.w55c.net — Cisco Umbrella Rank: 693	4 KB
6	mathtag.com 6 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	3 KB
6	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 601	1 KB
6	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 9154 user-sync.adxpremium.services — Cisco Umbrella Rank: 16808	6 KB
6	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 592	2 KB
6	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1177	103 KB
6	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 660 search.spotxchange.com — Cisco Umbrella Rank: 578	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	268 KB
5	everesttech.net 5 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	1002 B
5	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 499 eb2.3lift.com — Cisco Umbrella Rank: 329	1 KB
4	creative-serving.com 4 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3970	3 KB
4	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1006	584 B
4	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1539 gw.geoedge.be — Cisco Umbrella Rank: 1673	176 KB
4	quantserve.com 4 redirects cms.quantserve.com — Cisco Umbrella Rank: 632	2 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 507	3 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 725	721 B
4	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1097 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1314	1 KB
4	fpt.vn octopus-stream01-cads.fpt.vn — Cisco Umbrella Rank: 102626	130 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	260 KB
3	ad4m.at ad4m.at — Cisco Umbrella Rank: 9391
3	company-target.com 3 redirects s.company-target.com — Cisco Umbrella Rank: 2151	1011 B
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 22942 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24369	898 B
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 748	1 KB
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 767	1 KB
3	ctnsnet.com 2 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5049 cm.ctnsnet.com — Cisco Umbrella Rank: 3639	1000 B
3	loopme.me 3 redirects csync.loopme.me — Cisco Umbrella Rank: 835	741 B
3	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 197	3 KB
3	4dex.io mp.4dex.io — Cisco Umbrella Rank: 2045 script.4dex.io — Cisco Umbrella Rank: 2192	26 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3735	73 KB
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 741	1 KB
2	adroll.com d.adroll.com — Cisco Umbrella Rank: 1473	361 B
2	audrte.com 1 redirects a.audrte.com — Cisco Umbrella Rank: 2249	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1110	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 3490	894 B
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3641	1 KB
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1283	565 B
2	onaudience.com 2 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 13267 pixel.onaudience.com — Cisco Umbrella Rank: 2833	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	1 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	868 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4143	562 B
2	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 2524 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3016	285 B
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5803	351 B
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 882	209 B
2	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5931	23 KB
2	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 51729 s.trvdp.com — Cisco Umbrella Rank: 46731	134 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 647	58 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 148	2 KB
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1502	349 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 512	309 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1452	281 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 2435	382 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2556	641 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	17 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 353	706 B
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3445	467 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1938	555 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 16334	412 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 5624
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5207	277 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 522	715 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560	790 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401	524 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 25077	268 B
1	ck-ie.com 1 redirects as.ck-ie.com — Cisco Umbrella Rank: 10054	484 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 17666	3 KB
1	polyad.net core.polyad.net — Cisco Umbrella Rank: 175131	508 B
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 15586	722 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 42521	2 KB
1	unibots.in cpm.unibots.in — Cisco Umbrella Rank: 53497	260 B
961	105

	Domain	Requested by
49	ib.adnxs.com	7 redirects scdn.eclick.vn player.hb.selectmedia.asia acdn.adnxs.com serv-selectmedia.com
46	s1cdn.vnecdn.net	vnexpress.net s1cdn.vnecdn.net
37	fonts.gstatic.com	fonts.googleapis.com
36	btloader.com	18 redirects vnexpress.net
34	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
28	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net vnexpress.net rumcdn.geoedge.be
27	serv-selectmedia.com	sm1.selectmedia.asia serv-selectmedia.com
27	c.amazon-adsystem.com	vnexpress.net c.amazon-adsystem.com serv-selectmedia.com
25	tpc.googlesyndication.com	vnexpress.net securepubads.g.doubleclick.net tpc.googlesyndication.com rumcdn.geoedge.be
23	hbopenbid.pubmatic.com	scdn.eclick.vn player.hb.selectmedia.asia serv-selectmedia.com
21	imasdk.googleapis.com	serv-selectmedia.com imasdk.googleapis.com
20	htlb.casalemedia.com	player.hb.selectmedia.asia serv-selectmedia.com
18	eus.rubiconproject.com	player.hb.selectmedia.asia eus.rubiconproject.com serv-selectmedia.com
18	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com serv-selectmedia.com
18	bcp.crwdcntrl.net	tags.crwdcntrl.net
18	cdn.id5-sync.com	vnexpress.net
18	tags.crwdcntrl.net	vnexpress.net
16	c2shb.pubgw.yahoo.com	player.hb.selectmedia.asia serv-selectmedia.com
15	prebid-server.rubiconproject.com	serv-selectmedia.com
15	x.bidswitch.net	14 redirects ssum-sec.casalemedia.com
15	cm.g.doubleclick.net	11 redirects eu-u.openx.net
15	pagead2.googlesyndication.com	vnexpress.net www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
14	track-selectmedia.com	vnexpress.net serv-selectmedia.com
14	ads.pubmatic.com	player.hb.selectmedia.asia ads.pubmatic.com adxbid.info serv-selectmedia.com
13	simage2.pubmatic.com	ads.pubmatic.com
13	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
13	match.adsrvr.org	player.hb.selectmedia.asia eu-u.openx.net ssum-sec.casalemedia.com ads.pubmatic.com serv-selectmedia.com
13	www.google-analytics.com	vnexpress.net www.googletagmanager.com www.google-analytics.com flo.uri.sh
12	eu-u.openx.net	player.hb.selectmedia.asia eu-u.openx.net
11	match.prod.bidr.io	5 redirects ssum-sec.casalemedia.com eu-u.openx.net
11	mc.yandex.com	3 redirects vnexpress.net mc.yandex.ru
10	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com ssum-sec.casalemedia.com eu-u.openx.net
10	acdn.adnxs.com	player.hb.selectmedia.asia serv-selectmedia.com
10	www.google.com	2 redirects vnexpress.net securepubads.g.doubleclick.net tpc.googlesyndication.com rumcdn.geoedge.be
9	cdn.indexww.com	ssum-sec.casalemedia.com
9	js-sec.indexww.com	player.hb.selectmedia.asia serv-selectmedia.com
9	public.flourish.studio	flo.uri.sh vnexpress.net
9	flo.uri.sh	vnexpress.net flo.uri.sh s1cdn.vnecdn.net scdn.eclick.vn
8	c1.adform.net	7 redirects ads.pubmatic.com
7	ghb.hb.selectmedia.asia	player.hb.selectmedia.asia
7	fonts.googleapis.com	flo.uri.sh securepubads.g.doubleclick.net
7	gum.criteo.com	3 redirects cdn.taboola.com static.criteo.net
7	cdn.taboola.com	vnexpress.net cdn.taboola.com
6	gu.dyntrk.com	6 redirects
6	pm.w55c.net	6 redirects
6	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
6	sync.mathtag.com	6 redirects
6	pixel-sync.sitescout.com	ads.pubmatic.com ssum-sec.casalemedia.com
6	image2.pubmatic.com	1 redirects ads.pubmatic.com
6	ap.lijit.com	1 redirects player.hb.selectmedia.asia adxbid.info
6	secure.cdn.fastclick.net	vnexpress.net
6	player.hb.selectmedia.asia	vnexpress.net player.hb.selectmedia.asia
6	www.googletagservices.com	vnexpress.net securepubads.g.doubleclick.net rumcdn.geoedge.be
5	pixel.rubiconproject.com	2 redirects adxbid.info
5	sync-tm.everesttech.net	5 redirects
5	aax-eu.amazon-adsystem.com	3 redirects ads.pubmatic.com
5	dsum.casalemedia.com	ssum-sec.casalemedia.com
5	user-sync.adxpremium.services	adxbid.info vid.vidoomy.com ads.pubmatic.com
5	us-u.openx.net	eu-u.openx.net
5	ups.analytics.yahoo.com	5 redirects
5	mug.criteo.com
5	id5-sync.com	cdn.id5-sync.com player.hb.selectmedia.asia
5	vcdn1-kinhdoanh.vnecdn.net	vnexpress.net
5	adservice.google.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
5	adservice.google.de	securepubads.g.doubleclick.net rumcdn.geoedge.be
5	www.google.de	vnexpress.net
5	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
5	scdn.eclick.vn	vnexpress.net scdn.eclick.vn
5	s1.vnecdn.net	vnexpress.net s1cdn.vnecdn.net
4	ads.creative-serving.com	4 redirects
4	odr.mookie1.com	ssum-sec.casalemedia.com eu-u.openx.net
4	token.rubiconproject.com	4 redirects
4	image6.pubmatic.com	1 redirects ads.pubmatic.com
4	cms.quantserve.com	4 redirects
4	sync.1rx.io	4 redirects
4	a-prebid.vidoomy.com
4	onetag-sys.com	player.hb.selectmedia.asia
4	fastlane.rubiconproject.com	player.hb.selectmedia.asia
4	adx.adform.net	player.hb.selectmedia.asia
4	adp.vnecdn.net	s1.vnecdn.net scdn.eclick.vn
4	octopus-stream01-cads.fpt.vn	vnexpress.net octopus-stream01-cads.fpt.vn
4	www.googletagmanager.com	vnexpress.net www.googletagmanager.com serv-selectmedia.com
3	ad4m.at	ssum-sec.casalemedia.com
3	s.company-target.com	3 redirects
3	search.spotxchange.com	serv-selectmedia.com
3	rumcdn.geoedge.be	serv-selectmedia.com rumcdn.geoedge.be vnexpress.net
3	ad.turn.com	3 redirects
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	sync.crwdcntrl.net	ads.pubmatic.com
3	csync.loopme.me	3 redirects
3	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
3	rtb.openx.net	1 redirects eu-u.openx.net
3	eb2.3lift.com	player.hb.selectmedia.asia adxbid.info
3	image8.pubmatic.com	2 redirects vnexpress.net
3	lb.eu-1-id5-sync.com	cdn.id5-sync.com player.hb.selectmedia.asia
3	images.taboola.com	vnexpress.net
3	accounts.google.com	s1cdn.vnecdn.net accounts.google.com
3	usi-saas.vnexpress.net	s1cdn.vnecdn.net
3	sync.search.spotxchange.com	1 redirects vnexpress.net
3	region1.analytics.google.com	www.googletagmanager.com
3	mc.yandex.ru	2 redirects vnexpress.net
2	cm.ctnsnet.com	2 redirects
2	p.rfihub.com	2 redirects
2	d.adroll.com	ssum-sec.casalemedia.com
2	sync.taboola.com	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	a.audrte.com	1 redirects
2	uipglob.semasio.net	1 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	secure.adnxs.com	2 redirects
2	ads.avct.cloud	2 redirects
2	visitor.fiftyt.com	2 redirects
2	cm.adgrx.com	ads.pubmatic.com ssum-sec.casalemedia.com
2	sync.srv.stackadapt.com	2 redirects
2	d5p.de17a.com	2 redirects
2	cm.adform.net	1 redirects
2	a1.vnecdn.net	vnexpress.net
2	adtelligent-d.openx.net	player.hb.selectmedia.asia
2	select-d.openx.net	player.hb.selectmedia.asia
2	prebid-eu.creativecdn.com	player.hb.selectmedia.asia
2	prebid.a-mo.net	player.hb.selectmedia.asia
2	tlx.3lift.com	player.hb.selectmedia.asia
2	script.4dex.io	player.hb.selectmedia.asia script.4dex.io
2	player.adtelligent.com	player.hb.selectmedia.asia
2	googleads.g.doubleclick.net	vnexpress.net
2	static.criteo.net	scdn.eclick.vn static.criteo.net
2	trc.taboola.com	cdn.taboola.com
2	ps.vnexpress.net	s1cdn.vnecdn.net
2	la3.vnecdn.net	vnexpress.net
2	s.eclick.vn	s1.vnecdn.net scdn.eclick.vn
2	la2.vnecdn.net	s1.vnecdn.net vnexpress.net
2	sb.scorecardresearch.com	cdn.taboola.com vnexpress.net
2	vnexpress.net	vnexpress.net
1	dmp.brand-display.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.adotmob.com	1 redirects
1	gw.geoedge.be	rumcdn.geoedge.be
1	idsync.frontend.weborama.fr
1	mwzeom.zeotap.com
1	cm-supply-web.gammaplatform.com	1 redirects
1	ssum.casalemedia.com	1 redirects
1	d9d18169329477829e95730764e80a24.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	imasdk.googleapis.com
1	vid.vidoomy.com	adxbid.info
1	px.ads.linkedin.com
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	pixel-eu.onaudience.com	1 redirects
1	green.erne.co	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	widget.eu.criteo.com	1 redirects
1	dis.criteo.com	1 redirects
1	casale-match.dotomi.com	1 redirects
1	euexchangesync.digitaleast.mobi	1 redirects
1	as.ck-ie.com	1 redirects
1	sm1.selectmedia.asia	securepubads.g.doubleclick.net
1	a.vidoomy.com
1	adxbid.info	player.hb.selectmedia.asia
1	core.polyad.net	s.vnecdn.net
1	logperf.vnexpress.net
1	s.vnecdn.net	www.googletagmanager.com
1	0d15eeaaf8e1c7cb9cd5564124c201b6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	rtb.adxpremium.services	player.hb.selectmedia.asia
1	c2shb.ssp.yahoo.com	player.hb.selectmedia.asia
1	d.vidoomy.com	player.hb.selectmedia.asia
1	pips.taboola.com	cdn.taboola.com
1	rt.ad-score.com	s.trvdp.com
1	my.vnexpress.net	s1cdn.vnecdn.net
1	s.trvdp.com	go.trvdp.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	securepubads.g.doubleclick.net
1	am-trc-events.taboola.com	vnexpress.net
1	3a5d6ae81e002caeda0eb340b39787f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	gw.vnexpress.net	s1cdn.vnecdn.net
1	cpm.unibots.in	scdn.eclick.vn
1	mp.4dex.io	scdn.eclick.vn
1	bidder.criteo.com	scdn.eclick.vn
1	static.eclick.vn	vnexpress.net
1	g.eclick.vn	s1.vnecdn.net
1	trc-events.taboola.com	vnexpress.net
961	194

This site contains links to these domains. Also see Links.

Domain
e.vnexpress.net
video.vnexpress.net
startup.vnexpress.net
raovat.vnexpress.net
vlight.vnexpress.net
ebox.vnexpress.net
ework.vnexpress.net
eclick.vn
www.facebook.com
twitter.com
bookpointing.xyz
popup.taboola.com
lp.empire.goodgamestudios.com
xcraft.net
my.vnexpress.net
www.youtube.com
appgallery5.huawei.com
click.google-analytics.com
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
*.vnexpress.net GlobalSign GCC R3 DV TLS CA 2020	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.vnecdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-22` - `2023-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.eclick.vn GlobalSign GCC R3 DV TLS CA 2020	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.fpt.vn DigiCert TLS RSA SHA256 2020 CA1	`2022-05-13` - `2023-06-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
public.flourish.studio Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
unibots.in R3	`2022-12-30` - `2023-03-30`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.trvdp.com Amazon	`2022-08-25` - `2023-09-23`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
player.hb.selectmedia.asia R3	`2022-12-26` - `2023-03-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
player.adtelligent.com R3	`2023-01-19` - `2023-04-19`	3 months	crt.sh
ghb.hb.selectmedia.asia ZeroSSL ECC Domain Secure Site CA	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.a-mo.net R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2022-08-26` - `2023-08-05`	a year	crt.sh
*.polyad.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-22` - `2023-03-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
serv-selectmedia.com GTS CA 1D4	`2023-01-09` - `2023-04-09`	3 months	crt.sh
track-selectmedia.com GTS CA 1D4	`2023-01-03` - `2023-04-03`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.iprom.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
truffle.bid R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.ctnsnet.com DigiCert SHA2 Secure Server CA	`2022-09-27` - `2023-03-08`	5 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
gw.geoedge.be Amazon	`2022-09-12` - `2023-10-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2022-05-02` - `2023-05-09`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-12-28` - `2024-01-26`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh

This page contains 147 frames:

Primary Page: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Frame ID: 8E7A9095276CADC542976FCECB46AF09
Requests: 199 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/12485484/embed
Frame ID: 8EDB00B94CEDE34F88561A25D339E780
Requests: 23 HTTP requests in this frame

Frame: https://adp.vnecdn.net/delivery/eclookup.html?fosp_aid=ek9st41vtq3wuoyy.1675329687.des&orig_aid=ek9st41vtq3wuoyy.1675329687.des&fosp_uid=ek9st41vtq3wuoyy.1675329687.des&myvne_user_id=
Frame ID: D501E9658C70E41F344D37DD8C777FD2
Requests: 1 HTTP requests in this frame

Frame: https://s.eclick.vn/delivery/sync_retar.html
Frame ID: EA1466FB3DB5C99BC0ECB9295D65FBED
Requests: 1 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/12485484/embed
Frame ID: 09044D320AAC68986EB29058B6FCAF32
Requests: 23 HTTP requests in this frame

Frame: https://3a5d6ae81e002caeda0eb340b39787f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0A0609DB46C878215AEE8BD81EA4280
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukBd95SnYuftg9KUlUfP_Ko9UMxZdiOYvh2Nr-nQ2Uugh0ob6V2y6iRg4LsBBdJkvJGYWKKXvhsGAUF7ekFgXT88sCroIBdXKw2BCo4xUciiPwUlQUdxg3GaouD8eJ4bG_S58fQv9b5pyKy29UhLsfkTitb5YpHexOqfJLSTcnE8D1S3ti6JeWnXogx_9Z_h7me6aT1Eip7Obp-c_ifx9rAG-fCm0nCnb1Mr1QeEHAwTCh6v0dBKy9Fsozfkgf-QfGp8YqJr1z71w9OZt_XFnxrtDIlYnmskEBRygkKqMfVQNJ9SUEyDxZv-5PIn31JPM5KkdqmaGuKzIS2nMC3nB9zx8F3P76nK4uW9A7spqU3DdTV92PXQ2Ei8_W_X9VEX2Pcd1MHQKyJJxsrg&sai=AMfl-YQlRR8tGYa53d-tjxLnjBm72i7pXrNZnHMVVgxt5b7MrxQCvrsrlotT3x61KAPdq3SHcsgzXpWTMk1jvl5mtnLWVYzIgyP6AwO9ifO55Sdzsi2WGkVaqrYkbva92Wz9K__EV60DpPRRzSvasQE&sig=Cg0ArKJSzKvOZseOcj2kEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C0661ED09B6D8E6527FF28F7F21448AD
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Frame ID: 78C7A43DEDABA400D8908C2F601BDC75
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRwdQcBYgKplX76f1f8czL9tO3u1-WLrB67ymS0hVFuhn4OgoiuY7A2NCYQmdRfOvPmdHlHKVM_FTfn6IKz5I_i4KDAJFfrJTufuJEQ4mWDO-G4rbgdtBqIb7f9IWJ9_EfqHzt64CLvFRpvBMCjikTqYZwxRLscEGeNNRx06wnsNeAdVTHCjPQ-GsWqaVCqv6chmSnl8A55JjHLlNpQ2bpNAkb47JGYevONp7TUBoje5aM6rkRSD37jU2x_LM6d-J3DSHGGNlLUPO0eZLXwfu8UI3d2BR9b3GbDaZ28iMilXxJ8Enxs5nkQ5KqOysO2MrX0NpuGgsc2g9FesEozGJZJlZ5qCaUAU7qoFHhMpVQd7xtiUeNWZKRvhdi3-qcMaOcc1PeNVBj9w&sai=AMfl-YRzIjILc2b9hgetAld9-mU2CAlKd5dRFXzSACTecO3fUrBXuNESWTHCQzcAZGb-OQ6KVMGe8SgPehuy_8sXGKyKvVlEKcNdZ2hGwDGctn-jLtyyqLNYI18bUp8hHtmXHqFI6CvKgvqt8ajUVUg&sig=Cg0ArKJSzFWKfsZC1N47EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D0F2A36A7FDB9C2498BC761BE2579E91
Requests: 70 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Frame ID: 1314AEA14ABE740D238E509F025E2517
Requests: 11 HTTP requests in this frame

Frame: https://0d15eeaaf8e1c7cb9cd5564124c201b6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 14A8B488F8A5D367C432666240FBC54D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBkmVt92O_SxYWvR0HWEsMm5Jrtup-gN7kOHF4aI9v3_kCoZKe94bcrMdomyRdJIBudzK9MF6TrXdL8pJWcvSHeJYRQrWVduOjY__hhEx3iS8cPjSfs9PykB1CA2LDijrEYit4dw70YSz9zPeM0TZSyhr4TrDBmgjWmNwMtDtFiJQDDoJS0Lt0UaBHpvma5c7Hff-N-0jhOcvVMDJtnkJNqcXD1blUxT8G-waE3_C3kk1N7EzM4knDDmDUqah1UV8f3__NFyqTCg5IexgBtloQF5pmV0uGkFFsfcpRyd92SOD6hnc3uA8-TECNBYKRLV3PuPGppg0&sai=AMfl-YQkZsbB9M8YNPS0IVtZc4Bs3JH4z59bY9TnZW5TYUU9bpRTAbgt3U1Rbq142lIOW09rRfaEXCNX1a4bs7ysbEsGJLnYTMOKn6MJ1rlD5rt2M82eim-RgOIEgZ67bhE&sig=Cg0ArKJSzAvV0hiuH2fyEAE&uach_m=[UACH]&adurl=
Frame ID: 8CC52477417068BE8596F44A7EFF972D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 943B7E9FAD0B1A0B37C27B83BFBF290A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 571CE3EC85F448682D3EA9106F75348E
Requests: 2 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/12485484/embed
Frame ID: 2B1F176EAB81517C09A3E9981765D08E
Requests: 23 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net
Frame ID: D172AB1C7E92AB6A09A680887E765F8B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB83CF5B7235725FD3BB5E8D033B6AD8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79B665E6DA698CC89CF1073DCBD6A27B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Frame ID: F4F9C2C5D8435DDDDD398C7BF9AA7692
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 4E62639E4F8F3A45222790F429B6ECDF
Requests: 18 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 54FC20115FA128A68B4A1EBB4F17B25B
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0EBFC5A60A6716D0A0CC6DCED7A29212
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: 5D9F2F0D0DC6AAAF8C808DE849C63A54
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1675329691704&gdpr=0
Frame ID: 029AB538A78113616886FCEAFDF42651
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13471758
Frame ID: AD14477DFCBE1AC78B0C3B85D601B191
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 6DDDE361366DB2C92BB95DBED81E92E9
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BCEF0261E3144A58B9F6BA872A4EA9BF
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Frame ID: 2E51951325A6D509626483A9C3FD7204
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3D1E85A4D358792BC5463E539164C7FB
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 32E8F8257AB631EC179CAA6EE5CFE8D1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: E484258511C36DC2957ECCC6486D04A9
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf32M5L0R2BiaqElK0UHcn_JdMBWquCveDea22_ohp6UxL2spS3Efj7eUuEqrHtXLfaosGtG4syPz1CUXhHhpsEDh6VCdLC9UHVx3FW_0hvqq9RiKkOr9jHWcflE0ADKfyPUcWrJsP-OtX9cGC64hexHyWWAed9Udy23taTPk8Z-zPgjLxv7j2j2srGlod0xGd2zH1mDIF6CRrLkPmi9mzWW5VeQOvciNCTVfcO3L4RY54mykJmWi41cQyK_66twiDUkRtC8feqoiAGdMFg3cVwx-5ttu98Ftb88f0yzQh_p9HKlyktIK400UO_pS3JwIAXIy4THl2VQlWIJ658xlS1sO9N2GJEIkSDErgfbw5_vaufYmjOCMrTTvT6AmfW1meWI1PqI7L5dqV8Q&sai=AMfl-YSm_5hZDu1UszWB8t_nMuADp-sPe_kR8YHGY5_qFzhRjeC5hEXi0qwr7XUMQZtf7ZVV32h9XtSINmj6oCy4iuR6D7qGLljCbFhaZFATLH1bF2h_ghctbhu9hYgMQVE&sig=Cg0ArKJSzCrn2Dg1YHPfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B5972C35E997739E8AB9E1AE39DA5D0E
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3C011563240FB728097582DBAF5289B8
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=0&gdpr_consent=
Frame ID: EFB941CE8B77E3985537219B0D059576
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:399063db-809f-4d00-94cd-150fa67a6716&gdpr=0&gdpr_consent=
Frame ID: 07481265D6AF46F53AE888AF4BA99401
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 292A989B206EE506866A9B9D9010F269
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6375948229622613576
Frame ID: B0B862ADA8917A898D12105E7113B2D3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg
Frame ID: A523F16F32A1AEF842C1EDC230DF46CD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8020408773171338617&gdpr=0&gdpr_consent=
Frame ID: 2AF3DD60B8287E46931DF30901533487
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: ACE302B02866110785090939E823DB22
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195486250077649048&gdpr=0&gdpr_consent=
Frame ID: EA0A5C833B9E7FC3067C13A468B72641
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FpBhWDLtQUtX-mz1jJiV-VD_B2o
Frame ID: 5D605DC5C2F75899DBEA18064B392980
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9uAnwAAARH4SAAb&gdpr=1&gdpr_consent=&_test=Y9uAnwAAARH4SAAb
Frame ID: 3C01F61A3AE84FC0FFFDB706D596AF54
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACOAU7HtwEAACAr1YaHRg&gdpr=0&gdpr_consent=
Frame ID: 134D1E96BC113B433F1355EA7742019D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C98CA040461D8B754B8CA9D3DAF684F3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3587709600
Frame ID: BE9133FD7AAAD754495C1DF82B793A4A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A63D9A6209961E4A4D7941279CCFE3C1
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A456EBC1F91CF05D1365FDDC7BD74176
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 179B9F9385A6A8E33AFDF2F154BA45FE
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 1848610FEAAD83AFEC6D62C74EAF4C34
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e6f4cf1bc6a0874/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSnUMWjMbhjUgaSTW%2526gdpr%253D0%2526gdpr_consent%253D
Frame ID: C3CF7BF21CE9A816E2A86F4F8552F2CB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 3D62ABFFFCC8C40ACE866DDBA723CC78
Requests: 1 HTTP requests in this frame

Frame: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Frame ID: F4039831C64FDCB2A8C69FF7F44E82E8
Requests: 47 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 736FC3CB64562E28F5D5F1009A9CFAE4
Requests: 2 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 47E66DD26F586B3D9A95F9CF46368EF4
Requests: 28 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 975F8A448ABA0F8775F1A0A3AE9D4D16
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 0B4FBF0449824DC54864245C8F2E1D6E
Requests: 33 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: C2BB7165A72F83F194D8BDE51ADA9B54
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: F82B45AF0008D5D80B937F4C86A8FD19
Requests: 32 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: A4A28E2A6456D13669B31309D9402382
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: B5D812D285F481BDBEFF2771667C6C55
Requests: 32 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 7F9D22046DC182DE7B8022C47AB9D59E
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 1D5E23BF1D24C60326AA23F0C50A03FF
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 26B9BD494F0BF9C93C29774BE1ED5A64
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: B2EA0E3E0BAA89611D4205A2A288BA85
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: E3A65C54E0E192489068A83F08E2E63E
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: C1182DFFA781A6A163B8CF584CD81130
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 8EFD3FF694D5EF103E54E6298557B51B
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 731E6F54DC286C54684D836AF8F28ECF
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 8ABF85F15FAAE177F8A7F801D3066E91
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 985BB6C335F21A10A679B7EA2BB11877
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 5F9604F109976A113A1B1C32B172CCC1
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 47FF714B2A0961852C21C5483EAF9324
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: EAA546A7C739C645E87BF8479A04583B
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 26BF483648822B67C7D1BEE5011B0A3E
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: D38989F2A4579D220740C1C73D72DE81
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: A6C223D5456D1D6ECE5099142BF9075A
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: AEA26D8202E88E2469DC07824CFF64A2
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 8AC522E4F2CC8EDC22E8F20C30E8E132
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: E13963CD6627AB0B9882C3F9BC24FB90
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: E4B7264F3730690AC08CC171472E0792
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 1F07612B99D710FC934A721527295A3B
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 4C14E004AF588739FF999C199AB8770B
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 35B81C34DA69EBB6A72A868B514B74BE
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 2745D7C034B1C3CE8C100409254BB799
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: ED971A68374A3B1B5E9A881807DA602D
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: 6A75893CF89FE026BF6EF5115361A5EA
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: B6706D197FD417CBF3311286F76C05E2
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: BC38697EF200D70E589E5A0F08083592
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 3A738A80E9968ACBCA21B8DE5D425271
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: A73387F110F7CC7E48C06C78674671EF
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 9B2C1FF6537228D723A1088A7936CB21
Requests: 1 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Frame ID: B0B043E01F250389FC93852336EEBDE1
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 66B70489E8275EB76E58AD5B91700566
Requests: 1 HTTP requests in this frame

Frame: https://d9d18169329477829e95730764e80a24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0ECBF652A673FF64B09D92AC0FE58D06
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js
Frame ID: 4BFBD22833200368D1C418DEDDD5DE5E
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 81C49AEA54567EDE2B753B66571B2B75
Requests: 3 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wbr31b3c1qg
Frame ID: A60670B3F02F08F3BC96C419CE7DB442
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:222BBC98D7834E92A7D7EA34DED433B2&gdpr=0&gdpr_consent=
Frame ID: 2B4ADBDC307036834E9EC98F7A88DDAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A841EEF2B9758F2170E095088D56AA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30BCEFD3C6E11D2A9CB4F6FFC3A7B3BF
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F06DD9E28A5187E9602FD9C5B99E924A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8481A31838A4CB8D7FE317DEDC23B169
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CB4C61BF5398EC787CCDD75F66B060D0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: 733FF431216C06113CEAA112FE2B207E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: C5418CC6486DED9F138B97DE5686D741
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7BA2BF03F470DD412DBE617701136FB4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BCD0D7D19AD6B999FC3B6A30798AA8F0
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8BC12FD2769BF036936C08815A3A53F4
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 89E9EA41B5158D53715A68D308E62FAF
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D770CB8B8313FD8BD0B1F9D819C6B7CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: 814E3CEF2AF2DDCA414D5A6C75E37F90
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 18955453D02B439CF374DA97A656F66E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 86CF742BB0ABA71A72482CD87AC4E642
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1F1F28B07A1102D39770AEE29383D1B3
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9DD37E0D15597620AC988BC57EE20548
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F2106F4B6DCCD26AA53B095C68DBBC94
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: 29977E812D116FE3EF5E7E8046F0DC12
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 896A170BAF590E91E973F2BB147EF89D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D2424C50D96070DA82F2914F0443BED9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C61E97229C06BB7C5E0FE3704432D826
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 99B073157AABB9BE8AC44C8273DFB602
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: 0708784307B3D938B99BC9C7554322E1
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2D52A156A5AF04E3E9E2B01A804C78AB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3DC1789C7A676E032747AFB219639A2E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2D71CDB95A7D4AC4C55305DD28FE5037
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5522E6D71E5E9C7D890C1FDA2E1B0C1B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0765DF21BAA7BD82EADA47F08D929EFC
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 87D4A15363A685AC02C872084FDEB582
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: ECCC792801EF45D005671049F6028BD4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: 60EEFF7428B14D9F367D0522C46E5658
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1CAA12AAE6CE3E00ACC3E1F7366164A4
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Frame ID: 70BBBA8D5618ACAD7562EB280B59CDC7
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: 5F9C5BF49DDB10FC93DDCE16A5B6159D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 0049D4CD94D86D158E03739EEDAF0F2F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512&gdpr=0&gdpr_consent=
Frame ID: E3B37267C8318C9ED8A4DC808009E012
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2D5ECF9F46FB86709907627AAC281B3D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7A420EFCC6DD42B76EE404C15952888B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512&gdpr=0&gdpr_consent=
Frame ID: D635F3DDEE0A84CCE435F5AD5E2C4B29
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1675329696253&gdpr=0
Frame ID: BA0C2502A69036CFB551E63801B9DCAA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8603805A46F366F3FBFAEA60BBA8DEFB
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2767FD6038C9CA70728A0563872B6EA1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D36A2F0D4AF488C8CE80967A931D59B6
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 417F012EA3066B97D8E55B8395CB5645
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D779BAE3A838E9DA53FBB443C8B72798
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 73B161ED78186A466D8D61B70280AEA0
Requests: 10 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018
Frame ID: 4FC5D7FE301BDD39432EDA6BA04275E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kênh đầu tư nào sinh lợi tốt nhất từ Covid-19 đến nay? - VnExpress Kinh doanh

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

961
Requests

87 %
HTTPS

25 %
IPv6

105
Domains

194
Subdomains

136
IPs

16
Countries

15931 kB
Transfer

45234 kB
Size

152
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://e.vnexpress.net/
Title: International

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/
Title: Video

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/thoi-su
Title: Thời sự

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/nhip-song
Title: Nhịp sống

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/food
Title: Food

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/toi-ke
Title: Tôi kể

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/chuyen-nui-rung
Title: Chuyện núi rừng

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/phap-luat
Title: Pháp luật

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/giai-tri
Title: Giải trí

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/the-thao
Title: Thể thao

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/so-hoa
Title: Số hóa

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/oto-xemay
Title: Xe

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/suc-khoe
Title: Sức khỏe

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/du-lich
Title: Du lịch

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/the-gioi
Title: Thế giới

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/khoa-hoc
Title: Khoa học

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/giao-duc
Title: Giáo dục

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/toa-dam-kinh-te
Title: Tọa đàm kinh tế

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/chu-de
Title: Chủ đề

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/nguy-co
Title: Nguy-Cơ

Search URL Search Domain Scan URL

URL: https://startup.vnexpress.net/
Title: Startup

Search URL Search Domain Scan URL

URL: https://raovat.vnexpress.net/o-to-xe
Title: Mua bán

Search URL Search Domain Scan URL

URL: https://raovat.vnexpress.net/?utm_campaign=VNEXPRESS&utm_source=footer&utm_medium=menu
Title: Rao vặt

Search URL Search Domain Scan URL

URL: https://vlight.vnexpress.net/lien-he
Title: Mua ảnh VnExpress

Search URL Search Domain Scan URL

URL: https://ebox.vnexpress.net/
Title: eBox

Search URL Search Domain Scan URL

URL: https://ework.vnexpress.net/timviec
Title: eWork

Search URL Search Domain Scan URL

URL: https://eclick.vn/lien-he/?utm_source=VNE&utm_medium=CPC_BOX&utm_campaign=LienHeQuangCao
Title: Quảng cáo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/congdongvnexpress

Search URL Search Domain Scan URL

URL: https://twitter.com/VnEnews

Search URL Search Domain Scan URL

URL: https://bookpointing.xyz/mlanz-vermog-1?utm_source=taboola&utm_medium=fptonline-vn&utm_content=Mit+53+ist+das+das+Verm%C3%B6gen+von+Markus+Lanz.&utm_term=1226053&utm_campaign=3593640317&tblci=GiBEWjCMkddCp7u7Ls-lqaKDSmSz7Wo4qLtHPiNNf-BLbSDKm1woz9jQiKypipKoAQ#tblciGiBEWjCMkddCp7u7Ls-lqaKDSmSz7Wo4qLtHPiNNf-BLbSDKm1woz9jQiKypipKoAQ
Title: Chef

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/vi/?template=colorbox&utm_source=fptonline-vn&utm_medium=referral&utm_content=thumbnails-rr-02-a:Right%20Rail%20Thumbnails%201x1:

Search URL Search Domain Scan URL

URL: https://lp.empire.goodgamestudios.com/?pid=7039&cid=1226053&tid=3556379391&gci=14414&ad_click_id=GiBEWjCMkddCp7u7Ls-lqaKDSmSz7Wo4qLtHPiNNf-BLbSDHpEEozMrttKq_t56WAQ&tblci=GiBEWjCMkddCp7u7Ls-lqaKDSmSz7Wo4qLtHPiNNf-BLbSDHpEEozMrttKq_t56WAQ#tblciGiBEWjCMkddCp7u7Ls-lqaKDSmSz7Wo4qLtHPiNNf-BLbSDHpEEozMrttKq_t56WAQ
Title: Goodgame Empire

Search URL Search Domain Scan URL

URL: https://xcraft.net/registration/?utm_source=clickfrog_tbl&utm_medium=cpc&utm_content=GiBEWjCMkddCp7u7Ls-lqaKDSmSz7Wo4qLtHPiNNf-BLbSCIqVQorOihtuy3td2MAQ&utm_campaign=9938843&utm_term=1226053&tblci=GiBEWjCMkddCp7u7Ls-lqaKDSmSz7Wo4qLtHPiNNf-BLbSCIqVQorOihtuy3td2MAQ#tblciGiBEWjCMkddCp7u7Ls-lqaKDSmSz7Wo4qLtHPiNNf-BLbSCIqVQorOihtuy3td2MAQ
Title: XCraft

Search URL Search Domain Scan URL

URL: https://my.vnexpress.net/users/feed/1005924172
Title: t

Search URL Search Domain Scan URL

URL: https://my.vnexpress.net/users/feed/1002720980

Search URL Search Domain Scan URL

URL: https://my.vnexpress.net/users/feed/1054565936
Title: S

Search URL Search Domain Scan URL

URL: https://my.vnexpress.net/users/feed/1057100486
Title: T

Search URL Search Domain Scan URL

URL: https://my.vnexpress.net/users/feed/1079749545

Search URL Search Domain Scan URL

URL: https://www.facebook.com/congdongvnexpress/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVRqZH5QnrnbMWhElPBD-MQ?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101519049

Search URL Search Domain Scan URL

URL: https://click.google-analytics.com/redirect?tid=UA-41193011-3&url=https%3A%2F%2Fitunes.apple.com%2Fvn%2Fapp%2Fvnexpress-net%2Fid488630446%3Fl%3Dvi%26mt%3D8&aid=net.vnexpress.iphone&idfa={idfa}&cs=google&cm=cpc&anid=admob&hash=md5

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fr.playsoft.vnexpress&referrer=utm_source%3Dgoogle%26utm_medium%3Dbanner%26anid%3Dadmob

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101530095

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/vn/app/vnexpress-international/id1435726486?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fo.vnexpress.eng

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9902.aI3zLhysIbDjd_0kFphujiyDf8FruBFo7-p4wIC8qQyCPD6oXjGtnKdLf6xIj8Rw.cliP8SJ7zlmiOiMjb-t_j9af2i4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9902.BJT2AJOilarQFjMoMzZ1D1_bh1-J9uvLEuzca6oi5MZvyvs9ViCiCx9-7_y_wsi6u9qIJpfHasrR0KQeK1FLnKRKrGm3Jlf4Xz6KWGH3pnw%2C.S6XWrr5TM5KOtxmyDP083q8vOPE%2C

Request Chain 73

https://mc.yandex.com/watch/62978707?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1615%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1232692308569%3Ahid%3A684049679%3Az%3A0%3Ai%3A20230202092126%3Aet%3A1675329686%3Ac%3A1%3Arn%3A612107975%3Arqn%3A1%3Au%3A1675329686164661259%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A419%2C683%2C253%2C433%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1675329684069%3Arqnl%3A1%3Ast%3A1675329687%3At%3AK%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1615%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1232692308569%3Ahid%3A684049679%3Az%3A0%3Ai%3A20230202092126%3Aet%3A1675329686%3Ac%3A1%3Arn%3A612107975%3Arqn%3A1%3Au%3A1675329686164661259%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A419%2C683%2C253%2C433%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1675329684069%3Arqnl%3A1%3Ast%3A1675329687%3At%3AK%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 83

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9902.F9ka5VP63ILnsgYI2yHo-YoCR0e6VJgxJVdmE7KyY1UgJkF9J2iBJ1s4Lv1kK7s4.T7AuezTT42SM2CNIK8VuvH49NB0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9902.Tl8gbKTHLqFl6U6IVfxswyetElLiwB95Iam-KVtohpmSIjjtS9-HXm2OoB4iUaZ5IO5lsZfqd304I8gyD0OLMIZlt_b_oCJucQuqHP4Ffb8%2C.u6ZVLQynLSDFteeSSaFkAKA0Jzc%2C

Request Chain 106

https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5 HTTP 302
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=f948d4c6-a2da-11ed-8db3-1860f0710206

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 236

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 240

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 287

https://image8.pubmatic.com/AdServer/ImgSync?p=158804 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158804&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REQyRjdCNTQtQjFBNi00MTdBLTg4RjMtN0JCQzZBMkVEMDE4&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 326

https://gum.criteo.com/sid/json?origin=publishertag&domain=vnexpress.net&sn=ChromeSyncframe&so=0&topUrl=vnexpress.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LT5kh3xSZE42VmkvSW5qZjdib1hSenhlWUZDNDg0Y3dYQzZyeFVuS0NDYkNOOExycGxDUHEyaHdhenhxMjM1dEplR1hiVzJuZjU2azhhUSt1UUtkcCt2Y3lZUEJZbWh3Z1JPbk52MG0wdmJxaHJoOGg3ZG5hSTJGcUM1eXFYbHNhM3h3ME9zZTkvUXBOTkVLUk9UclQ3SzN4aTBtaEVnaHh0RWt4cTN2anRpcjA3Q3RYRkZFQ2xvc3lzcjdERC9HbzM3bDQrYlBqMkdNbXdKdmRYMEswTUVzNG9KZVlhOWxFd0hSTStrV0pSUFU0UXREakYvMkN3M2ZmMkVxNHZFMjFtR01ubUt4OWtPd0VWbnlKSmNLalM3elhtdz09fA&cppv=2

Request Chain 371

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvnexpress.net%2F&domain=vnexpress.net&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Pd5VgXxxRWlxdmRLZ2hzZkIwcy9NUFFyZFRvM3hnRnZBMnhaaVhtOFZwdFA0ZkZBaDVjdUVxN1lSSUt5Ui80cWhaQTZhdWh6TFlpZ3VyMnRHY1pGS3kyQjF2NUlBUTkrWGh0L3d5K3JIMVdWS3lJVHRBVEdrYVA5bTd4ZWFIV2hZVi9kOXY0bHhyTW9iQW4wQ09mSWZmNmRSUE1wQVJyc2xqR1JiYkxGdk9PNnZ6RzRLaDJQWE44dkpuZ05lM3dINDFqYWdrVzdBelVTUlhXS3FpczgxeWtwaHVXZERoK1ZIRXVYWHhBd2FndHJlT2t2U0p5MllrSlh1aGRBVFg1enI4ZXFQQ2RRU0JKNFAxUlJzNisxNXl3WWEwdz09fA&cppv=2

Request Chain 386

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 307
https://a-prebid.vidoomy.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=undefined&uid=GFqxpBZHMRgUNAeTSYioVoxk

Request Chain 387

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=undefined&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=4b30b11d-7dee-40ad-95c1-061fe8449700

Request Chain 389

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-i2RW46pE2uH8wqKKPkPKkfKsAPvbln_3mX7n3lA-~A&gdpr=0

Request Chain 390

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526uid%253D%2524UID HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=8020408773171338617

Request Chain 392

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/vidoomy?zcc=1&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D&cb=1675329695884 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3874317150

Request Chain 394

https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=0fa0869b-6eec-4936-a91e-cb66620db0e9&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Qi48rpBE2pnjiAfnOcP9nEw38CSQoGIAVOjm4w--~A&expires=5&ssp=vidoomy HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0fa0869b-6eec-4936-a91e-cb66620db0e9

Request Chain 396

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c2f263db-809f-4f00-978e-5ed4b97a57c3

Request Chain 397

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=8pQAU_yXXVfpxQJTosFJV_XBBwjpkVEGpZ_-cd2B

Request Chain 398

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6748347055864869662

Request Chain 401

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXGPRd1Rp5Y_XGgDVyCoUQ&google_cver=1

Request Chain 403

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=399063db-809f-4d00-94cd-150fa67a6716

Request Chain 404

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=UTlMwl86EcZKaE7DVT4FkwVoSpRKP0rEBGx0KM1_

Request Chain 405

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2553896114296436170

Request Chain 408

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXGPRd1Rp5Y_XGgDVyCoUQ&google_cver=1

Request Chain 416

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 420

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=7e5fa8466c8ccabbbfd12498fc84a95e7f4135c923c2530afd2b3aafeb4fff9b

Request Chain 426

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1

Request Chain 428

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&dcc=t

Request Chain 429

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9uAnyBVIuDKP3EvlGRJRAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENTBr5AVBu_VEPLhI1y2fZQ&google_cver=1

Request Chain 430

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178

Request Chain 432

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a2fccb55-24a4-405c-abe5-8e3ddc52cc6b

Request Chain 433

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675416095

Request Chain 436

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:399063db-809f-4d00-94cd-150fa67a6716&gdpr=0&gdpr_consent=

Request Chain 437

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 438

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6375948229622613576

Request Chain 439

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg

Request Chain 440

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8020408773171338617&gdpr=0&gdpr_consent=

Request Chain 441

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 442

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195486250077649048&gdpr=0&gdpr_consent=

Request Chain 443

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FpBhWDLtQUtX-mz1jJiV-VD_B2o

Request Chain 444

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9uAnwAAARH4SAAb HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9uAnwAAARH4SAAb&gdpr=1&gdpr_consent=&_test=Y9uAnwAAARH4SAAb

Request Chain 445

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDT0FVN0h0d0VBQUNBcjFZYUhSZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACOAU7HtwEAACAr1YaHRg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1232672149992059140&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACOAU7HtwEAACAr1YaHRg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1232672149992059140%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1232672149992059140&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACOAU7HtwEAACAr1YaHRg&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACOAU7HtwEAACAr1YaHRg&gdpr=0&gdpr_consent=

Request Chain 447

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675329695764 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3587709600

Request Chain 449

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 450

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 452

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e6f4cf1bc6a0874/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSnUMWjMbhjUgaSTW%2526gdpr%253D0%2526gdpr_consent%253D

Request Chain 454

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3S97VLGmQXqI83u8ai7QGA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 455

https://pixel.onaudience.com/?partner=214&mapped=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=dcd2b66185fcb9a2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 456

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&addseg=19,36,42

Request Chain 457

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPhs9LUk_dLJj_KydSyFnvI&google_cver=1

Request Chain 459

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2553896114296436170

Request Chain 461

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=85ffb688-ad27-4215-a6a0-a5fee99999a2&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 463

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LI5BsghE2uU1Ils4eStxFEKXgHkNPx0-~A&gdpr=0

Request Chain 466

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6572a6f2-c382-422d-a86d-c9110eee5cf8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 467

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4183605280264715858&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 468

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8020408773171338617

Request Chain 469

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YcwBBou6Rt-Tz6Y6YiibxQ&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=YcwBBou6Rt-Tz6Y6YiibxQ&gdpr=0

Request Chain 470

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERNVzFKRE0tMVgtMjVURQ==&gdpr=0

Request Chain 472

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/KnXmDm8KL3VQzcXq2itSzcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-25rKp_tE2oKAecMoFcd8Q4bXh_PuVb4ww0qmwg--~A

Request Chain 473

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CrT6Xw30ShuCyni8Bp-XOA&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=CrT6Xw30ShuCyni8Bp-XOA&gdpr=0

Request Chain 474

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDU4ZWM1MmFjMTA5OWEwMDcwNzM1NmU0ZjI1N2RhNzBkMzdhNTRkZA&gdpr=0

Request Chain 475

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECpZeJJSCM31Pt3bHF2o0ns&google_cver=1

Request Chain 476

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDMW1JDM-1X-25TE&gdpr=0

Request Chain 490

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 575

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178

Request Chain 624

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 628

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 632

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 636

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 641

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wbr31b3c1qg

Request Chain 642

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:222BBC98D7834E92A7D7EA34DED433B2&gdpr=0&gdpr_consent=

Request Chain 643

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 645

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018 HTTP 302
https://a.audrte.com/p

Request Chain 646

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3525168638 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018

Request Chain 667

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=2553896114296436170

Request Chain 687

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8020408773171338617

Request Chain 689

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4183605280264715858

Request Chain 691

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=

Request Chain 692

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1

Request Chain 693

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=14ddab16-bb90-41b6-afa3-a213f0e02b20

Request Chain 695

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716

Request Chain 696

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

Request Chain 697

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb

Request Chain 698

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2553896114296436170&expiration=1676539299

Request Chain 700

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=85fb7ea3-82d2-4542-bd15-6f3517c04dc9

Request Chain 701

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAA%261178 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f3f0648e-284d-425c-8489-e387fe78151b-tuctad50624

Request Chain 705

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=R7U6AUm2ZwVc5DgAQ7JzUBPkPFdcszwHEuBJ6R8V

Request Chain 706

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=222BBC98D7834E92A7D7EA34DED433B2

Request Chain 711

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4183605280264715858

Request Chain 712

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=8761308a-33e9-4281-90d8-a18a620d89d5

Request Chain 745

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 748

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 751

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 754

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 783

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvnexpress.net%2F&domain=vnexpress.net&bundle=A6cPZF8lMkJyQ0phN2tPRWQ5YVhLM3Nna0UlMkJLMWtYRFhMNXNvR2xPbjN6bkRCbnFDbndHM1BTMW4yRGRRJTJCJTJCbm1TMEdaalZZYTZuVE5UV2NSUDk4SHNPbERtSTI5aGRtaDRYZ1QxVmxoRiUyQkQwNWdwaDNWTzRxazU4QlpkTmdLd1ZZaGJiYlNpNVZNbiUyQnE5em9xZDRwdXM2NHlYU0ElM0QlM0Q&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=4TkgvXxNRkVSK2NqRkkzNzhTZGZJeU1OeEcrK0NuK2N4YUNSSndaM2tmSk85VFJpY0o0OUpoMWtqdFc0ZjYzWEZieE00MnhvMEdnY3VyZGhqQzJabXRiL09JSmJmbjJBVHZQRzhFUGlnemdwOHEybm1wTkszMFMwU0k0R0l4TWZ5QVR0Unh3RzhmTEJPRll2U1VzTGw0M2JzUTNBRmMveFY4V0wxcnpKMFViTVY1WHUzcTlMWU5mT1VNQVJQYnZzRUlSZThKV0taSnNHckhkZDJIMTlZQ1NUNUZidnNpc0IwcXlGMy95SVQ2Z1Q5WDRjSDlwK0J6aDBEUzQ0VWZlTlIxa00wVnlIZ1ZQTFM0ZERxMW9HM1U3TExyQT09fA&cppv=2

Request Chain 805

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Srlc5YIK1PnvMN5

Request Chain 806

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=openx&gdpr=&gdpr_consent=

Request Chain 807

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8020408773171338617

Request Chain 811

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hn5p7HJA1PnvMN5

Request Chain 812

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=8491ec18-3234-4de8-968c-38edaa2a4cfb HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=8491ec18-3234-4de8-968c-38edaa2a4cfb HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=76346aaa-eaff-42bd-abc8-025a87a19c77&ssp=openx&expires=30&user_group=5&bsw_param=8491ec18-3234-4de8-968c-38edaa2a4cfb HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&us_privacy=

Request Chain 813

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8020408773171338617

Request Chain 828

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=v8T5eV5G1PnvMN5

Request Chain 829

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559726171654486

Request Chain 830

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=51901367-236c-404e-a3b7-6ffcffd9e748&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 831

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 832

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 833

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=8491ec18-3234-4de8-968c-38edaa2a4cfb HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=8491ec18-3234-4de8-968c-38edaa2a4cfb HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=73c049c6-3250-4974-a3cf-191778b3d884&ssp=index&expires=30&user_group=5&bsw_param=8491ec18-3234-4de8-968c-38edaa2a4cfb HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&us_privacy=

Request Chain 834

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3f355975-3a9e-83c4-7508ceea

Request Chain 837

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb

Request Chain 838

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716

Request Chain 839

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

Request Chain 840

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2553896114296436170&expiration=1676539301

Request Chain 841

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAA%261178 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=48adea72-b7b2-4875-aed5-fa1241c214be-tuctad50625

Request Chain 842

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=fd99fec2-0469-4f74-8efd-68f16f9374fd&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 843

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8020408773171338617

Request Chain 844

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FpBhWDLtQUtX-mz1jJiV-VD_B2o

Request Chain 847

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 849

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb

Request Chain 851

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=

Request Chain 852

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1

Request Chain 853

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716

Request Chain 856

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e223e47d8cf44f1c8d4ace8202940424&expiration=1677921701

Request Chain 857

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 862

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=

Request Chain 865

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e223e47d8cf44f1c8d4ace8202940424&expiration=1677921701

Request Chain 866

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 868

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8020408773171338617

Request Chain 869

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

Request Chain 871

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559726171654485

Request Chain 903

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 906

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 909

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 912

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 959

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 962

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 965

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 968

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

961 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html Show response
vnexpress.net/ 182 KB
41 KB 1355ms
253ms Document
text/html 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

777whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

7ec1f293c8d0ee9b950bead97d1639584421b055e539def9ecc3d54c8865fd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:25 GMT
server: 777whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
x-content-type-options: nosniff
x-page-speed: 1.13.35.2-0
x-proxy-cache: HIT
x-xss-protection: 1; mode=block
xdcache: HIT 4
xhandledby: 277bfgldd10bf7c7468e873e79ba2ad139

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/fptonline-vn/ 251 KB
43 KB 138ms
40ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fptonline-vn/loader.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea8e85717334b474e5b07877b0a27dc9e673e1a907230007d974d28b326fdde2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: b1HJVpU70HOoObgqLc2ulZnCX5WPSmEe
content-encoding: gzip
via: 1.1 varnish
date: Thu, 02 Feb 2023 09:21:25 GMT
x-amz-request-id: 8M3JW5G9QQKYBYVM
age: 115
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 43103
x-amz-id-2: w8Blwhew1G8fEp/igSfk5Mk/DpaAfOHC49w4t0LSoVPPjJGCM8Q9rHERXu+o9V4e2gai1f0Lmiw=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Tue, 31 Jan 2023 14:46:00 GMT
server: AmazonS3
x-timer: S1675329686.563969,VS0,VE1
etag: "0599111132bf7fae4cfd3f444e2bb86d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ea3.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1282/eclick/ 34 KB
12 KB 1287ms
249ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1282/eclick/ea3.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 7d678a09262162412b85ae5544a40f128b729b4ebe6c15b9bd5e1a4e8caceb98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:26 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 02:15:11 GMT
etag: W/"637447af-88b9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sat, 03 Feb 2024 09:21:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 349 KB
70 KB 138ms
49ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

032ed403adb0e7aa5713ffa387981497e4bf9b4d5235e4e6591be448245ae90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71519
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 09:21:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 181ms
52ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 08:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3581
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Feb 2023 10:21:44 GMT

GET
BLOB 200
OK 690cce10-2ebc-4e31-956d-9e3d9a54b893
https://vnexpress.net/ 531 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vnexpress.net/690cce10-2ebc-4e31-956d-9e3d9a54b893
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863016606095ee80bec9802da48ef003599574c8b1472e9030f6792bad4f2fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 531
Content-Type: text/javascript

GET
H2 200 impl.20230131-18-RELEASE.js Show response
cdn.taboola.com/libtrc/ 734 KB
192 KB 41ms
40ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230131-18-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fptonline-vn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec3d08f950ab1d6d5e3108a5408c596df3ed7455db65d82a9e927a20279444ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: WIJiNqB.OvqtD4QxbeTC5Gr0h745_pTB
content-encoding: gzip
via: 1.1 varnish
date: Thu, 02 Feb 2023 09:21:25 GMT
x-amz-request-id: YNK96TDXJ1S53A9C
age: 70
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 196078
x-amz-id-2: iTz1YaD50W5OE7+Aqsej/DrHlEDpTAhjfa5aZtB3102U2vf7i4Kuzf6J//6ZB9jWARxxPgpKSxo=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Wed, 01 Feb 2023 17:27:31 GMT
server: AmazonS3
x-timer: S1675329686.684701,VS0,VE0
etag: "4d700cdc304aaa7dcfa668df0ddf1fdc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 23
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 343

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 136ms
40ms Script
application/javascript 99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fptonline-vn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 00:57:46 GMT
content-encoding: gzip
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 30221
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: sohrzpygYtC3Cc_Aw4gIJ0O_Ene76YP5WmDZ84Bbpzic7ZGuPpDWtA==

GET
H2 200 eclick.js Show response
scdn.eclick.vn/delivery/ 537 B
508 B 2415ms
245ms Script
application/x-javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.eclick.vn/delivery/eclick.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: FPT-static_eclick_141_36 /
Resource Hash: c7f908193dad81c49b881987efc371144d301ae87ba387401f21fc96456d3578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:27 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 05:02:05 GMT
server: FPT-static_eclick_141_36
etag: W/"63d9f24d-219"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, static_eclick_141_36,no-cache
expires: Thu, 02 Feb 2023 09:21:27 GMT

GET
H2 200 category.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/config/ 43 KB
10 KB 2586ms
475ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/config/category.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: fd96c2e13e99447a8c8ceec2218c2aef2df2417359ba20748d3eb10f62bb8f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2023 07:47:45 GMT
age: 28
etag: W/"63c652a1-ab8c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:00 GMT

GET
H2 200 fc Show response
vnexpress.net/microservice/ 194 KB
35 KB 257ms
257ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://vnexpress.net/microservice/fc
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 777whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash: 97549a93e63d7b1fec27231f3ea6b5a7090d445fa52fe0a470831ae4ae2753c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:25 GMT
cache-control: private, max-age=60, no-cache
content-encoding: gzip
server: 777whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
v-cache: VNE4
content-type: application/javascript; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 152ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b2c903b0fd22ed715d260c54dfc473400185f163605e1281207e8edc797b32b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27562
x-xss-protection: 0
server: sffe
etag: "1470 / 314 of 1000 / last-modified: 1675292972"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Feb 2023 09:21:25 GMT

GET
H2 200 dfpbrand.js Show response
scdn.eclick.vn/delivery/dfp/ 26 KB
8 KB 2404ms
235ms Script
application/x-javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.eclick.vn/delivery/dfp/dfpbrand.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: FPT-static_eclick_141_34 /
Resource Hash: a55ca7d6304e8026e82b7eb97e9d1f62d0fe9241a1e05611b0c6280417190368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 01:56:35 GMT
server: FPT-static_eclick_141_34
age: 21
etag: W/"630c1cd3-6933"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Thu, 02 Feb 2023 09:45:07 GMT

GET
H2 200 prebid.js Show response
scdn.eclick.vn/delivery/dfp/ 320 KB
103 KB 2602ms
433ms Script
application/x-javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.eclick.vn/delivery/dfp/prebid.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: FPT-static_eclick_141_35 /
Resource Hash: 15110734f6201b25e7556905a858a29ae978dff23322d20965d68207ae7e9b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 03:06:36 GMT
server: FPT-static_eclick_141_35
age: 21
etag: W/"636b193c-4ff9e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Thu, 02 Feb 2023 09:45:07 GMT

GET
H2 200 ov_pc_vne_1003179_detail.js Show response
scdn.eclick.vn/delivery/dfp/ 160 KB
26 KB 2623ms
454ms Script
application/x-javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.eclick.vn/delivery/dfp/ov_pc_vne_1003179_detail.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: FPT-static_eclick_141_33 /
Resource Hash: 9294ce85a85a187daad6822af5cda3809fa0bbd1b440c356cca7103548d13a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 07:50:13 GMT
server: FPT-static_eclick_141_33
etag: W/"63d8c835-28191"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Thu, 02 Feb 2023 10:21:28 GMT

GET
H2 200 detail.async.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/ 106 KB
30 KB 533ms
532ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.async.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 16e123faf1d73ea4576264677b3681e3f86c7ea0c25514ac5eab35ef326dd214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 03:52:38 GMT
age: 0
etag: W/"63b64986-1a7ad"
vary: Accept-Encoding
x-cache: MISS
x-handle: 0-1
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 1003159.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/blocks/detail/ 190 KB
35 KB 417ms
416ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/blocks/detail/1003159.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 38900f3fe5af840e2b4f119ff76430034c9955cc59c174a642ee82ac61d6fe0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2023 07:47:45 GMT
age: 0
etag: W/"63c652a1-2f8ad"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 general-file.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/ 146 KB
25 KB 2565ms
450ms Stylesheet
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/general-file.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: f926528eb40fde5414074e03e9ffe3b53edd73999cc6a02c20bea9fded156a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 05:30:42 GMT
age: 0
etag: W/"6392c802-246ee"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 detail-file.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/ 45 KB
9 KB 2589ms
476ms Stylesheet
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/detail-file.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: d1d10d2379b8cd4235c49be2be4aecb8d2fc58b39466dbc7a91574911b44df7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 06 Oct 2022 06:59:53 GMT
age: 0
etag: W/"633e7ce9-b354"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 kinhdoanh.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/ 20 KB
5 KB 2535ms
422ms Stylesheet
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/kinhdoanh.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: ea4775119582ebe1d3b68c6666306f7061fed1b88c2c6b7cfd944450a5efd925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 01:00:44 GMT
age: 0
etag: W/"6232883c-4f40"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
DATA 200
OK truncated
/ 0
0 Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Origin: https://vnexpress.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 Merriweather-woff2.css Show response
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/webfonts/ 160 KB
122 KB 2629ms
510ms XHR
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/webfonts/Merriweather-woff2.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 7c3f0d6cfe9f8fde34bf9653db1b256bd0601b91b14e6336dde2187396a16efe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
age: 28
etag: W/"609344f4-280fe"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:00 GMT

GET
H2 200 icon-vne.svg Show response
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/images/graphics/ 74 KB
23 KB 2552ms
433ms XHR
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/images/graphics/icon-vne.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 4540c5e45b51da5e42e9e137807a2df75519a32cef405e6ea3dc1bcf02d8b526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Tue, 08 Nov 2022 09:49:38 GMT
age: 0
etag: W/"636a2632-128d8"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 vod.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/ 1 KB
630 B 411ms
410ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/vod.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 7ee90263745c1e250396cdedf42d6f3c6279ea5d1aee9e316d5b29bbb8318795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 07:09:06 GMT
age: 0
etag: W/"63281592-509"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 logo.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/ 5 KB
2 KB 2577ms
476ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/logo.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:20 GMT
age: 0
etag: W/"60934508-13b6"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 128ms
42ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230131-18-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 868819
expires: 60

GET
H2 204 debug
trc-events.taboola.com/fptonline-vn/log/2/ 0
90 B 232ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/fptonline-vn/log/2/debug?tim=09%3A21%3A25.797&type=usage&msg=rtus&llvl=2&id=6490&cv=20230131-18-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41182

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 41ms
41ms Image
text/plain 99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675329685819&ns_c=UTF-8&c7=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&c8=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&c9=
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:25 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: v_AoAbj_a8QWqIgqGZlSFvYBMp0HNDoz8GVun4IgfL8_bAQ4vZyTXA==
x-cache: Miss from cloudfront

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 121 KB
46 KB 80ms
79ms Script
application/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-P5FWR6V

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09f3ec5183b04b62ede7114a143f533de3a332dbeaecbbdf7f4eafe89ac3c286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 09:21:25 GMT

GET
H2 200 egg_v1.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v406/eclick/ 15 KB
6 KB 1102ms
485ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v406/eclick/egg_v1.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 5461ef0dfc6f5e08196bccf1e4b37b3d27c64f8c5201fd52922fb6d688147b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:26 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 12:53:29 GMT
etag: W/"60d1dd49-3b8a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sat, 03 Feb 2024 09:21:26 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 337ms
167ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-11ffd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73725
expires: Thu, 02 Feb 2023 10:21:26 GMT

GET
H2 200 cdp.js Show response
octopus-stream01-cads.fpt.vn/ 129 KB
130 KB 1072ms
293ms Script
application/javascript 1.55.119.42
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.55.119.42 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: d30d5a15f01d0bf1d2eceda161aad30112be19ba8e5fbd1f1b65b15e32542b47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:26 GMT
last-modified: Wed, 07 Jul 2021 14:43:31 GMT
server: nginx
etag: "60e5bd93-20428"
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 132136

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01db3358ffc0673dc2b4758782280f27b194c1c4aae3be75f57911980d9048cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 09:21:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
75 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e14bdbd3df3cebece996ccbf85bcea526ae942882d200ad73916f987c6e84982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 09:21:25 GMT

GET
H2 200 pubads_impl_2023012601.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 176ms
52ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133524
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 21:42:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 4 KB
1 KB 275ms
86ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vnexpress.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3529321f83e4e37cf72d41ba6cd8237463a89a6fd5415554c948b58defaea015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 912
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:26 GMT

GET
H2 200 embed Show response
flo.uri.sh/visualisation/12485484/ Frame 8EDB 961 KB
268 KB 315ms
217ms Document
text/html 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/visualisation/12485484/embed
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098372943a3890980120d544cf3da77ae5220998eee484d143de9c08a76111c7

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
cf-cache-status: MISS
cf-ray: 7931db499d083688-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:26 GMT
last-modified: Mon, 30 Jan 2023 11:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUL1kHwDnZDBudwDbcKK0rNWPaWI558BXtjIqSx0BQm2%2FQy%2BTI2xjUJOxCZ44x8A5xJCBAxRghebzPE4j17tx%2BHkF%2Fhd8BDjlhmGHeJ8KA6oGI9W7dYhq7AKLgY7jEeoyTxeiu0dPP8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: UB7cmH3g/z+2nBiWrfu12AlXAwFpeMnraVr6p9A+SNPV4T+8q9wk2ZVZycCQFXA9E0JzAa+C2lg=
x-amz-request-id: RJ332NDW62692XZP
x-amz-version-id: wFDOek.W4ntiBdCvkngYQwLl6tfRTWb3

GET
H2 200 forum.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/ 10 KB
3 KB 2316ms
431ms Stylesheet
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/forum.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e28ec9fe062b035599c349c0dde0982b0bbcc38f726f41b5bb3b886e29df402f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 07:44:58 GMT
age: 0
etag: W/"61838f7a-28fd"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Thu, 02 Feb 2023 09:26:28 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
180 B 95ms
95ms XHR
text/plain 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=946454588&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ul=en-us&de=UTF-8&dt=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABQAAAACAAI~&jid=1330297842&gjid=1624175407&cid=611417411.1675329686&tid=UA-249346-57&_gid=36675206.1675329686&_r=1&_slc=1&z=734276867

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 137ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DQJ7NF9DN2&gtm=2oe1u0&_p=946454588&_gaz=1&cid=611417411.1675329686&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675329685&sct=1&seg=0&dl=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&dt=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 50ms
48ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQJ7NF9DN2&cid=611417411.1675329686&gtm=2oe1u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 227ms
102ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQJ7NF9DN2&cid=611417411.1675329686&gtm=2oe1u0&aip=1&z=1151727689

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-57577CKS2C&gtm=2oe210&_p=946454588&_gaz=1&cid=611417411.1675329686&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675329686&sct=1&seg=0&dl=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&dt=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&en=page_view&_fv=2&_ss=1&_c=1&ep.article_publish_date=20230131005550&ep.article_author=&ep.article_tags=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%2C%20v%C3%A0ng%2C%20USD%2C%20ch%E1%BB%A9ng%20kho%C3%A1n%2C%20g%E1%BB%ADi%20ti%E1%BA%BFt%20ki%E1%BB%87m%2C%20%C4%91%E1%BA%A7u%20t%C6%B0%20v%C3%A0o%20%C4%91%C3%A2u%2C%20b%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20no%CC%81ng%2C%20T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh%2C%20Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&ep.vn_segment=%7Bvn_segment%7D%7D&up.page_category=Kinh%20doanh&up.page_category_id=1003159&up.page_subcategory=Kinh%20nghi%E1%BB%87m&up.page_subcategory_id=1004903&up.page_type=Article&up.page_platform=Web&up.user_logged_in=No&up.article_taxonomy=Ch%E1%BB%A9ng%20kho%C3%A1n%2C%20B%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20n%C3%B3ng&up.index_topic_name=T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh&up.index_format_name=Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&up.index_type=B%C3%A0i&up.article_title=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F&up.article_id=4564117&up.article_type=text
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 49ms
49ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-57577CKS2C&cid=611417411.1675329686&gtm=2oe210&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 129ms
102ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57577CKS2C&cid=611417411.1675329686&gtm=2oe210&aip=1&z=687411790

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 141ms
48ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-249346-57&cid=611417411.1675329686&jid=1330297842&gjid=1624175407&_gid=36675206.1675329686&_u=IEBAAEAAQAAAACAAI~&z=807277631

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 127ms
49ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-50285069-28&cid=611417411.1675329686&jid=410570476&gjid=1005347544&_gid=36675206.1675329686&_u=aGDAgEABQAAAAGAEK~&z=1358586342

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
52ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=946454588&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ul=en-us&de=UTF-8&dt=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABQAAAACAEK~&jid=410570476&gjid=1005347544&cid=611417411.1675329686&tid=UA-50285069-28&_gid=36675206.1675329686&gtm=2wg1u0N3FNJF&cg1=Article&cg2=Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cg3=T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh&cg4=Kinh%20doanh&cg5=Kinh%20nghi%E1%BB%87m&cd1=1003159&cd7=Kinh%20nghi%E1%BB%87m&cd8=Article&cd9=4564117&cd10=1700000426&cd12=20230131005550&cd14=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%2C%20v%C3%A0ng%2C%20USD%2C%20ch%E1%BB%A9ng%20kho%C3%A1n%2C%20g%E1%BB%ADi%20ti%E1%BA%BFt%20ki%E1%BB%87m%2C%20%C4%91%E1%BA%A7u%20t%C6%B0%20v%C3%A0o%20%C4%91%C3%A2u%2C%20b%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20no%CC%81ng%2C%20T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh%2C%20Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cd17=No&cd19=Web&cd21=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F&cd22=1&cd24=0&cd25=text&cd26=&cd27=Kinh%20doanh&cd37=1004903&cd61=on&cd66=0&cd71=0&cd76=3495&cd77=1077&cd78=B%C3%A0i&cd80=T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh&cd81=Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cd84=Ch%E1%BB%A9ng%20kho%C3%A1n%2C%20B%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20n%C3%B3ng&cd85=3761%2C%204072%2C%20980&cd55=611417411.1675329686&z=603911211

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 11:06:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80121
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 152ms
64ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-249346-57&cid=611417411.1675329686&jid=1330297842&_u=IEBAAEAAQAAAACAAI~&z=352823436

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 88ms
88ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-249346-57&cid=611417411.1675329686&jid=1330297842&_u=IEBAAEAAQAAAACAAI~&z=352823436

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 151ms
63ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-50285069-28&cid=611417411.1675329686&jid=410570476&_u=aGDAgEABQAAAAGAEK~&z=2063452195

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 88ms
87ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-50285069-28&cid=611417411.1675329686&jid=410570476&_u=aGDAgEABQAAAAGAEK~&z=2063452195

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choices.min.css
flo.uri.sh/template/2677/v21/static/choices/styles/css/ Frame 8EDB 5 KB
2 KB 60ms
59ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/2677/v21/static/choices/styles/css/choices.min.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebf010cf3503db862eb22610bc84f1d2f0b174bac152f1e654e73fe9ead91ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/12485484/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:26 GMT
x-amz-version-id: Mj0s.KOceVrwhpLLyw0Bpub3uEXcLu2g
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9NTAHHS7YCQFP46X
age: 99935
x-amz-id-2: Gxw8hvOAoYznGAOw/Ws5qqa4Box6ExTgeNOrAkVfI7ofhO5JNchwy1mvgSG3oaFLdBUcxDrmpEI=
last-modified: Mon, 23 Jan 2023 12:44:27 GMT
server: cloudflare
etag: W/"ac45b0abe30007c417750608d660cf6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrMDiE10G80wY%2FO5h%2B10VqH9tq%2BaaDMD9EfO3yH8YbaT2QOf1EdB9tngpnhXH4lIyeY1364MyLJHD8d6OGzLbXJELOP6L1iQZH16pIh1oIDklwBKQFeTYZWmqL0TUZAfrkH%2BN6cOCDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 7931db4afeb53688-FRA

GET
H2 200 style.css
flo.uri.sh/template/2677/v21/static/ Frame 8EDB 1 KB
1 KB 59ms
59ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/2677/v21/static/style.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f291acaadfdcfe1b7fe74dd747ebc7d203563b7f5273dc29fb1176fffbfba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/12485484/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:26 GMT
x-amz-version-id: wSADovtv8XwZE1o51ftedJJAJWdmWtlC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SGM2AK8AKMHNCJ65
age: 99930
x-amz-id-2: rJ7SmODKqsZxlwCsefjdPzKIjLN1VuUxJyorwNgiwleQyAloh4BjQMsvFARhYdUsmAb7h5XM7oc=
last-modified: Mon, 23 Jan 2023 12:44:27 GMT
server: cloudflare
etag: W/"4e1da9f7c73aef3bd3110faede5fdfd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GAGLSSbu0W8TNHc6vZH1%2FtEoDAbDwbco6LzVXnHI2IyYCLp17Tk2MNk75XTRKJ3E9gkvqMJCkmlw2GxcIWk2CMe5bCe%2BtPEa1Arb9zGWK9ac8ezm4Q8ZHFxBcBk7umJHfyfcRM1EvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 7931db4afeb63688-FRA

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9902.aI3zLhysIbDjd_0kFphujiyDf8FruBFo7-p4wIC8qQyCPD6oXjGtnKdLf6xIj8Rw.cliP8SJ7zlmiOiMjb-t_j9af2i4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9902.BJT2AJOilarQFjMoMzZ1D1_bh1-J9uvLEuzca6oi5MZvyvs9ViCiCx9-7_y_wsi6u9qIJpfHasrR0KQeK1FLnKRKrGm3Jlf4Xz6KWGH3pnw%2C.S6XWrr5TM5KOtxmyDP083q8vOPE%2C

43 B
79 B

90ms
90ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9902.BJT2AJOilarQFjMoMzZ1D1_bh1-J9uvLEuzca6oi5MZvyvs9ViCiCx9-7_y_wsi6u9qIJpfHasrR0KQeK1FLnKRKrGm3Jlf4Xz6KWGH3pnw%2C.S6XWrr5TM5KOtxmyDP083q8vOPE%2C

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:26 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9902.BJT2AJOilarQFjMoMzZ1D1_bh1-J9uvLEuzca6oi5MZvyvs9ViCiCx9-7_y_wsi6u9qIJpfHasrR0KQeK1FLnKRKrGm3Jlf4Xz6KWGH3pnw%2C.S6XWrr5TM5KOtxmyDP083q8vOPE%2C
date: Thu, 02 Feb 2023 09:21:26 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 8EDB 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8EDB 49 KB
20 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 08:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3582
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Feb 2023 10:21:44 GMT

GET
H2 200 embedded.js Show response
public.flourish.studio/resources/v3/ Frame 8EDB 11 KB
4 KB 138ms
40ms Script
application/javascript 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.flourish.studio/resources/v3/embedded.js
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f80d5f9ce4e4273e3dbdc43f418d37328216b79195165c14e65cc1c6ec34127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: m_y1UB4v7ETU4z0hzwLBXDr0tKBpOY8g
content-encoding: gzip
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:18:47 GMT
x-amz-cf-pop: FRA53-C1
age: 159
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 17:48:38 GMT
server: AmazonS3
etag: W/"dc19950f0ddddd9b7a5691ed2ee57cb9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 5Y8YhgRIhzEPLIhNyJG_GqIgQ2m1Q3PuuMhnWK-6UZqxEY19meuKhw==

POST
H3 200 collect
www.google-analytics.com/ Frame 8EDB 35 B
55 B 73ms
72ms Ping
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flo.uri.sh/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://flo.uri.sh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8EDB 4 KB
724 B 200ms
74ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 09:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:14:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 09:21:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8EDB 3 KB
995 B 199ms
74ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac89d7e4b7c14d902ef5f62dd07f8d1ff2db26b27eccecceb573b6961f9958b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 09:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:17:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 09:21:26 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 8EDB 13 KB
13 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 13:30:55 GMT
x-content-type-options: nosniff
age: 417031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 13:30:55 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 8EDB 18 KB
19 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 15:30:42 GMT
x-content-type-options: nosniff
age: 409845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18836
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 15:30:42 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 8EDB 19 KB
19 KB 71ms
70ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 17:07:22 GMT
x-content-type-options: nosniff
age: 144845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:07:22 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 8EDB 18 KB
18 KB 57ms
56ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:52:52 GMT
x-content-type-options: nosniff
age: 232115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18416
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 16:52:52 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 8EDB 12 KB
12 KB 107ms
107ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 08:26:14 GMT
x-content-type-options: nosniff
age: 435313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11792
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 08:26:14 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 8EDB 20 KB
20 KB 91ms
91ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 17:07:15 GMT
x-content-type-options: nosniff
age: 144852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:07:15 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 8EDB 11 KB
12 KB 104ms
104ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:38:51 GMT
x-content-type-options: nosniff
age: 6156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11724
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:50:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 07:38:51 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 8EDB 13 KB
13 KB 111ms
110ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:57:36 GMT
x-content-type-options: nosniff
age: 242631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 13:57:36 GMT

GET
H2 200 2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
public.flourish.studio/uploads/246936/ Frame 8EDB 38 KB
39 KB 51ms
51ms Image
image/png 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/246936/2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f69d003ea553ac3e670195e9e2ad3cbfee34ea9a2878ef3584f9c7c88be07310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: nja9j.58bBUawVY99iak2AbEb.MjVy4S
date: Thu, 02 Feb 2023 05:02:45 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 15523
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 39109
last-modified: Thu, 24 Mar 2022 04:06:11 GMT
server: AmazonS3
etag: "19d1806e6aa8a2d8ed7446f0293d48c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: QNC7Ey-FWzjCokHqdsNZ0l1ppvyl_25SeZB9rY1YSi9IYoXF4FMMsQ==

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 8EDB 8 KB
8 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a619ae1c332145518f3ed463be52e3c71f63ecd71b0fdeae601b1878170005a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 23:29:29 GMT
x-content-type-options: nosniff
age: 467518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7852
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:29:29 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 8EDB 4 KB
4 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e0839c2fc964208d157d5582aa3629465196ad2d90b9aee7ba1a480d8ec40a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 18:04:41 GMT
x-content-type-options: nosniff
age: 573406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4216
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 18:04:41 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 8EDB 8 KB
8 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880fc37f5a324b19d0624937dd1235625399588bebfe5c703930d6f3e1409285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 02:07:05 GMT
x-content-type-options: nosniff
age: 544462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7820
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 02:07:05 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 8EDB 4 KB
4 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4de44eab29462e426981eca31a2e82331fbc494e64633889321a3b8db175527c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 16:42:09 GMT
x-content-type-options: nosniff
age: 578358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:42:09 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/62978707/
Redirect Chain

https://mc.yandex.com/watch/62978707?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4e...
https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv...

480 B
563 B

94ms
94ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1615%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1232692308569%3Ahid%3A684049679%3Az%3A0%3Ai%3A20230202092126%3Aet%3A1675329686%3Ac%3A1%3Arn%3A612107975%3Arqn%3A1%3Au%3A1675329686164661259%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A419%2C683%2C253%2C433%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1675329684069%3Arqnl%3A1%3Ast%3A1675329687%3At%3AK%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8186433221b3dcac73149c2fbd31a272985591976a9c22106b67482ec80b6d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 02-Feb-2023 09:21:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 480
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 09:21:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:27 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 02-Feb-2023 09:21:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1615%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1232692308569%3Ahid%3A684049679%3Az%3A0%3Ai%3A20230202092126%3Aet%3A1675329686%3Ac%3A1%3Arn%3A612107975%3Arqn%3A1%3Au%3A1675329686164661259%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A419%2C683%2C253%2C433%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1675329684069%3Arqnl%3A1%3Ast%3A1675329687%3At%3AK%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 09:21:27 GMT

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 155 B
807 B 1692ms
229ms XHR
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_uid=ek9st41vtq3wuoyy.1675329687.des&fosp_aid=ek9st41vtq3wuoyy.1675329687.des&orig_aid=ek9st41vtq3wuoyy.1675329687.des&myvne_user_id=0
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1282/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 6a3635b738942e18ec8334c67cffab35291250f192214221fbbdfcd1f366a2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 16:21:28 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK device_model_min.js Show response
la2.vnecdn.net/static/ 614 KB
614 KB 866ms
235ms Script
application/javascript 180.148.132.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://la2.vnecdn.net/static/device_model_min.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1282/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FT /
Resource Hash: 3d38b61631757d0c79305382f761ad40cc2d443784ef27074ce64c51839e3703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:27 GMT
Last-Modified: Thu, 01 Jul 2021 15:53:08 GMT
Server: FT
ETag: "60dde4e4-997dd"
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 628701
Expires: Thu, 02 Feb 2023 09:36:27 GMT

GET
H/1.1 200
OK iplookup Show response
g.eclick.vn/ 276 B
596 B 853ms
231ms XHR
application/json 111.65.249.224
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.eclick.vn/iplookup
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1282/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.224 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 061a636fdff4669f54fc5e6b5c5e0d9790b7f081329160c23c48d3db05355d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:27 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H/1.1 200
OK fopt.js Show response
adp.vnecdn.net/ 82 B
651 B 1697ms
234ms Script
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/fopt.js?aid=ek9st41vtq3wuoyy.1675329687.des&uid=ek9st41vtq3wuoyy.1675329687.des
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1282/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1e6046369ce0d5de5c88f1eed3c92490a32ef94d305f8bb301549eb61d50abdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 16:21:28 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Cache-Control: max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Expires: Wed, 01 Feb 2023 16:21:28 GMT

GET
H2 200 bad.js Show response
s.eclick.vn/ 17 B
258 B 1150ms
231ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/bad.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1282/eclick/ea3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_46 /
Resource Hash: ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Sun, 09 Aug 2020 14:01:42 GMT
server: FPT-static_eclick_141_46
etag: W/"5f3001c6-11"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
expires: Fri, 03 Feb 2023 09:21:28 GMT

GET
H/1.1 204
No Content get
la2.vnecdn.net/ 0
533 B 870ms
235ms Image
text/plain 180.148.132.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://la2.vnecdn.net/get?app_id=100&ss_id=5006320&pg_id=88eb2629613786e7f94d64f2bd670a53&site_id=1003159&page_type=3&idsite=1003159&type=article&fid=1004903&show_id=&aid=4564117&fosp_aid=ek9st41vtq3wuoyy.1675329687.des&fosp_uid=ek9st41vtq3wuoyy.1675329687.des&orig_aid=ek9st41vtq3wuoyy.1675329687.des&fosp_country=null&fosp_gender=null&fosp_ip=null&fosp_isp=null&fosp_zone=null&fosp_location=null&adblock=0&myvne_user_id=0&referrer=&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&publication=1675101350&author=1700000426&article_type=text&wordcount=1020&list_folder=1000000%2C1003159%2C1003179%2C1004903&vn_aid=&vn_source=&vn_medium=&vn_campaign=&vn_term=&vn_content=&vn_sign=&utm_source=&utm_medium=&utm_campaign=&utm_term=&utm_content=&index_topic=1077&index_format=3495&index_type=B%C3%A0i&dm=&r=0.5848543325694746&v=0628&action=pv&sec=7e13da5e8e82d170d3e9f05923ecf966
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FT /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 02 Feb 2023 09:21:27 GMT
Cache-Control: no-cache
Server: FT
Connection: keep-alive
Expires: Thu, 02 Feb 2023 09:21:26 GMT

GET
H/1.1 204
No Content /
la3.vnecdn.net/pageview/ 0
207 B 1209ms
229ms Image
text/plain 180.148.136.107
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://la3.vnecdn.net/pageview/?action=pageview&index_type=B%C3%A0i&index_topic=1077&index_format=3495&tt_page_type=article&tt_site_id=1003159&tt_category_id=1004903&tt_list_folder=1000000%2C1003159%2C1003179%2C1004903&its_url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&its_title=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F&its_section=kinh%20doanh&its_subsection=kinh%20doanh%2C%20ti%E1%BB%81n%20c%E1%BB%A7a%20t%C3%B4i%2C%20kinh%20nghi%E1%BB%87m&its_tag=k%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%2C%20v%C3%A0ng%2C%20usd%2C%20ch%E1%BB%A9ng%20kho%C3%A1n%2C%20g%E1%BB%ADi%20ti%E1%BA%BFt%20ki%E1%BB%87m%2C%20%C4%91%E1%BA%A7u%20t%C6%B0%20v%C3%A0o%20%C4%91%C3%A2u&its_topic=&its_object=&its_embed=0&its_author=1700000426&its_type=text&its_wordcount=1020&its_publication=1675101350&vn_aid=&platform=1&fosp_loc=&referer=&link_ref=&location_url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&site_id=1003159&its_id=4564117&its_video_id=0&its_ref=0&fosp_aid=ek9st41vtq3wuoyy.1675329687.des&fosp_uid=ek9st41vtq3wuoyy.1675329687.des&uid=ek9st41vtq3wuoyy.1675329687.des&my_vne=&play_embed=0&pageview_id=88eb2629613786e7f94d64f2bd670a53
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.136.107 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 02 Feb 2023 09:21:28 GMT
Cache-Control: no-cache
Server: nginx/1.12.2
Connection: keep-alive
Expires: Thu, 02 Feb 2023 09:21:27 GMT

GET iplocation
g.eclick.vn/ 0
0

GET
H2 200 2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
public.flourish.studio/uploads/246936/ Frame 8EDB 38 KB
39 KB 51ms
51ms Image
image/png 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/246936/2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f69d003ea553ac3e670195e9e2ad3cbfee34ea9a2878ef3584f9c7c88be07310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: nja9j.58bBUawVY99iak2AbEb.MjVy4S
date: Thu, 02 Feb 2023 05:02:45 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 15523
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 39109
last-modified: Thu, 24 Mar 2022 04:06:11 GMT
server: AmazonS3
etag: "19d1806e6aa8a2d8ed7446f0293d48c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: kdqbD1nPG-eWVv0PIXg6xoc6W8s9iNWkwazZaD_0mqo0OLmqvumEbw==

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9902.F9ka5VP63ILnsgYI2yHo-YoCR0e6VJgxJVdmE7KyY1UgJkF9J2iBJ1s4Lv1kK7s4.T7AuezTT42SM2CNIK8VuvH49NB0%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9902.Tl8gbKTHLqFl6U6IVfxswyetElLiwB95Iam-KVtohpmSIjjtS9-HXm2OoB4iUaZ5IO5lsZfqd304I8gyD0OLMIZlt_b_oCJucQuqHP4Ffb8%2C.u6ZVLQynLSDFteeSSa...

43 B
103 B

87ms
87ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9902.Tl8gbKTHLqFl6U6IVfxswyetElLiwB95Iam-KVtohpmSIjjtS9-HXm2OoB4iUaZ5IO5lsZfqd304I8gyD0OLMIZlt_b_oCJucQuqHP4Ffb8%2C.u6ZVLQynLSDFteeSSaFkAKA0Jzc%2C

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9902.Tl8gbKTHLqFl6U6IVfxswyetElLiwB95Iam-KVtohpmSIjjtS9-HXm2OoB4iUaZ5IO5lsZfqd304I8gyD0OLMIZlt_b_oCJucQuqHP4Ffb8%2C.u6ZVLQynLSDFteeSSaFkAKA0Jzc%2C
date: Thu, 02 Feb 2023 09:21:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
331 B 293ms
292ms XHR
application/json 1.55.119.42
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=72bba5da-85f5-4542-8b1f-a8f304ce6dc0
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.55.119.42 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 905ce5fca93c3ec68b0249199d073241e126f9faa6be36af861a56122665291a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:28 GMT
access-control-allow-credentials: true
server: nginx
content-length: 51
content-type: application/json

GET
H2 200 sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
331 B 293ms
292ms XHR
application/json 1.55.119.42
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=72bba5da-85f5-4542-8b1f-a8f304ce6dc0
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.55.119.42 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 905ce5fca93c3ec68b0249199d073241e126f9faa6be36af861a56122665291a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:28 GMT
access-control-allow-credentials: true
server: nginx
content-length: 51
content-type: application/json

POST
H2 200 p Show response
octopus-stream01-cads.fpt.vn/analytics/ 17 B
112 B 1212ms
615ms XHR
application/octet-stream 1.55.119.42
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/p
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.55.119.42 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 02 Feb 2023 09:21:29 GMT
server: nginx
content-type: application/octet-stream

GET
H2 200 adsbyeclick.js Show response
scdn.eclick.vn/delivery/asset/335045513/ 23 KB
9 KB 303ms
302ms Script
application/x-javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.eclick.vn/delivery/asset/335045513/adsbyeclick.js
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/eclick.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: FPT-static_eclick_141_46 /
Resource Hash: 991905620a6b37a91e9154913ba2cbc55acfc8231b8eb80a6aae5ea2bd5f7307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 05:00:53 GMT
server: FPT-static_eclick_141_46
age: 20
etag: W/"63d9f205-5d61"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
expires: Thu, 02 Feb 2023 09:45:08 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
386 B 86ms
86ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 02 Feb 2023 10:21:28 GMT

GET
H/1.1 204
No Content /
la3.vnecdn.net/read/ 0
207 B 899ms
236ms Image
text/plain 180.148.136.107
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://la3.vnecdn.net/read/?action=read&ratio=0&pv_read=0&pv_scroll=20&pv_total=184000&index_type=B%C3%A0i&index_topic=1077&index_format=3495&tt_page_type=article&tt_site_id=1003159&tt_category_id=1004903&tt_list_folder=1000000%2C1003159%2C1003179%2C1004903&its_url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&its_title=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F&its_section=kinh%20doanh&its_subsection=kinh%20doanh%2C%20ti%E1%BB%81n%20c%E1%BB%A7a%20t%C3%B4i%2C%20kinh%20nghi%E1%BB%87m&its_tag=k%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%2C%20v%C3%A0ng%2C%20usd%2C%20ch%E1%BB%A9ng%20kho%C3%A1n%2C%20g%E1%BB%ADi%20ti%E1%BA%BFt%20ki%E1%BB%87m%2C%20%C4%91%E1%BA%A7u%20t%C6%B0%20v%C3%A0o%20%C4%91%C3%A2u&its_topic=&its_object=&its_embed=0&its_author=1700000426&its_type=text&its_wordcount=1020&its_publication=1675101350&vn_aid=&platform=1&fosp_loc=&referer=&link_ref=&location_url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&site_id=1003159&its_id=4564117&its_video_id=0&its_ref=0&fosp_aid=ek9st41vtq3wuoyy.1675329687.des&fosp_uid=ek9st41vtq3wuoyy.1675329687.des&uid=ek9st41vtq3wuoyy.1675329687.des&my_vne=&play_embed=0&pageview_id=88eb2629613786e7f94d64f2bd670a53
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.136.107 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 02 Feb 2023 09:21:29 GMT
Cache-Control: no-cache
Server: nginx/1.12.2
Connection: keep-alive
Expires: Thu, 02 Feb 2023 09:21:28 GMT

GET
H2 200 lazyload.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/ 10 KB
4 KB 232ms
232ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/lazyload.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 22b227689b93e1ced3808e3e2e5e67f7a5093dd4452e58f43fe772a2fc7ca714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 08:07:58 GMT
age: 0
etag: W/"626b9cde-2855"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 detail.defer.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/ 72 KB
19 KB 235ms
234ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: ffab9d963be9195d80a4893d07fdc58473ea76b9f6e939f2632e872ae367365b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 08:07:31 GMT
age: 0
etag: W/"63a2bec3-120a4"
vary: Accept-Encoding
x-cache: MISS
x-handle: 0-1
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 hls.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/vod/ 239 KB
70 KB 256ms
254ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/vod/hls.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
age: 0
etag: W/"6093454b-3bc3b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 embed_vod.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/ 65 KB
17 KB 256ms
255ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/embed_vod.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 759d244982b4cb13b2af404e1874ce6df91da5052d9455e3fc123aa2a500a62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 11:20:55 GMT
age: 0
etag: W/"6374c797-103d3"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 video-js.css
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/vod/ 75 KB
23 KB 243ms
242ms Stylesheet
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/vod/video-js.css
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/vod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
age: 0
etag: W/"6093454b-12c5c"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 ads.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/vod/ 22 KB
6 KB 249ms
248ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/vod/ads.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: ce4481bf9fd1c72aa0abe9d6ba0a9702f246568dd4891878e70dc860c453392b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 09:46:29 GMT
age: 0
etag: W/"637b48f5-5944"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 print.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/images/graphics/ 341 B
438 B 230ms
229ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/images/graphics/print.svg
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/detail-file.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: aae43dd0c04b36d5500a355226c4689f1043be79e39b96c2c1aa2471203bbcd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/detail-file.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
last-modified: Tue, 12 Apr 2022 03:10:20 GMT
age: 0
etag: "6254ed9c-155"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 341
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H/1.1 200
OK eclookup.html Show response
adp.vnecdn.net/delivery/ Frame D501 8 KB
4 KB 492ms
230ms Document
text/html 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/delivery/eclookup.html?fosp_aid=ek9st41vtq3wuoyy.1675329687.des&orig_aid=ek9st41vtq3wuoyy.1675329687.des&fosp_uid=ek9st41vtq3wuoyy.1675329687.des&myvne_user_id=
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/asset/335045513/adsbyeclick.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e05c8cf0a28d9efaa056de23a6b12a4c59dd8407429137ed595603d7deb637ca

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 09:21:28 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 zepto.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/ 39 KB
12 KB 242ms
242ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/zepto.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
age: 0
etag: W/"6093454f-9c7d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 simple-scrollbar.min.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/ 4 KB
1 KB 294ms
293ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/simple-scrollbar.min.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
age: 0
etag: W/"6093454f-10a7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 usi.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/ 17 KB
4 KB 288ms
288ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/usi.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 75703b23c6052d82159c940464b9e794f4f86458f6a4e451f4f7ead35e9725c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 10:21:36 GMT
age: 0
etag: W/"63a42fb0-454d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 firebaseWeb.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/widget/ 91 KB
25 KB 288ms
288ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/widget/firebaseWeb.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 49aedfd8521b97f85801629a91636eac3db10625bd58d278ccd6d33e50555bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Wed, 28 Dec 2022 07:35:19 GMT
age: 0
etag: W/"63abf1b7-16a84"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 eclick_logo.png
static.eclick.vn/delivery/css/images/graphics/ 2 KB
2 KB 960ms
234ms Image
image/png 111.65.249.131
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eclick.vn/delivery/css/images/graphics/eclick_logo.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.131 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_36 /
Resource Hash: 28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:29 GMT
last-modified: Tue, 28 Apr 2020 05:02:00 GMT
server: FPT-static_eclick_141_36
etag: "5ea7b8c8-76a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1898
expires: Sat, 04 Mar 2023 09:21:29 GMT

GET
DATA 200
OK truncated
/ 59 KB
59 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506

Request headers

Referer
Origin: https://vnexpress.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK fopt.js Show response
adp.vnecdn.net/ 82 B
651 B 574ms
232ms Script
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/fopt.js?aid=ek9st41vtq3wuoyy.1675329687.des
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/ov_pc_vne_1003179_detail.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1e6046369ce0d5de5c88f1eed3c92490a32ef94d305f8bb301549eb61d50abdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 16:21:28 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Cache-Control: max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Expires: Wed, 01 Feb 2023 16:21:28 GMT

GET
H2 200 sync_retar.html Show response
s.eclick.vn/delivery/ Frame EA14 3 KB
2 KB 232ms
231ms Document
text/html 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/sync_retar.html
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/ov_pc_vne_1003179_detail.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_46 /
Resource Hash: 9773368f04feb86ea051955af8616720b0dce7dc2e822bdbd4dda657e0543be0

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Thu, 02 Feb 2023 09:21:28 GMT
etag: W/"62b59cb3-c37"
expires: Fri, 03 Feb 2023 09:21:28 GMT
last-modified: Fri, 24 Jun 2022 11:14:59 GMT
server: FPT-static_eclick_141_46
vary: Accept-Encoding

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=f948d4c6-a2da-11ed-8db3-1860f0710206

0
589 B

42ms
42ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=f948d4c6-a2da-11ed-8db3-1860f0710206
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Thu, 02 Feb 2023 09:21:28 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 113
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:28 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?source=307342&sync_limit=5&__user_check__=1&sync_id=f948d4c6-a2da-11ed-8db3-1860f0710206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 110
Connection: keep-alive
Content-Length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 404ms
236ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 214ms
69ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.23.0&cb=2125435421&lsavail=0

Requested by

Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
822 B 158ms
42ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:28 GMT
AN-X-Request-Uuid: f2480af5-53d7-4bf0-9646-45300ca692a0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
1 KB 223ms
126ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3478465773b4c316de39d941de1b81939c1846110198ff64f2fe0eca3f5cd5dd

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Thu, 02 Feb 2023 09:21:28 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Validating the Prebid Request adunits. No supported banner or video size for adUnit: /27973503/OV.Vnexpress/Desktop/Outstream/kinhdoanh/kinhdoanh.tiencuatoi.detail, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: /27973503/OV.Vnexpress/Desktop/Inarticle1/kinhdoanh/kinhdoanh.tiencuatoi.detail, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: /27973503/OV.Vnexpress/Desktop/Large3/Kinhdoanh/Kinhdoanh.tiencuatoi.detail, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: /27973503/OV.Vnexpress/Desktop/Masthead/Kinhdoanh/Kinhdoanh.tiencuatoi.detail, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: /27973503/OV.Vnexpress/Desktop/Large1/Kinhdoanh/Kinhdoanh.tiencuatoi.detail, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: /27973503/OV.Vnexpress/Desktop/Large2/Kinhdoanh/Kinhdoanh.tiencuatoi.detail, Process Seats Booster. unable to get the seat booster engine for organization: 1015
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7931db5a8c195c7a-FRA
expires: 0

POST
H/1.1 204
No Content hb Show response
cpm.unibots.in/ 0
260 B 247ms
48ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.unibots.in/hb?zone=148094&v=1.6
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:28 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H2 200 mv Show response
gw.vnexpress.net/ 16 KB
4 KB 791ms
233ms Fetch
application/json 180.148.132.75
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.vnexpress.net/mv?site_id=1003159&category_id=1003159&type=1&limit=15&data_select=article_id,article_type,title,share_url,thumbnail_url,publish_time,lead,privacy,original_cate,article_category&thumb_size=300x180&thumb_quality=100&thumb_dpr=1,2&thumb_fit=crop&exclude_id=4564117
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/blocks/detail/1003159.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-ams_global_139_54 /
Resource Hash: 89ab6431c0f972079c30c7f229d21560bee7002013224fca4b1f664c8956cc69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
via: kong/1.2.1
server: FPT-ams_global_139_54
x-kong-server: kong_api_139_55
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *

GET
DATA 200
OK truncated
/ 61 KB
61 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae

Request headers

Referer
Origin: https://vnexpress.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 190 B
522 B 1515ms
461ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4564117-1&get_link_bitly=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10477inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: a1ef4735b12456b6f2a0c6ec2ed48dd431fb94e559be9d9fba2e2db4bc655d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:29 GMT
cache-control: max-age=30
last-modified: Thu, 02 Feb 2023 09:21:30 GMT
server: 10477inhcdd10bf7c7468e873e79ba2ad134
etag: "Wao19YeXTP392Fh+XmXqww=="
content-length: 190
content-type: text/javascript; charset=utf-8

GET
H2 200 comment_v4.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/ 50 KB
9 KB 231ms
231ms Stylesheet
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/comment_v4.css
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 12964f62ce71e93c176f6c2b158a40dadbf03814a8af0b42aeb22476312a8565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:28 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 03:20:17 GMT
age: 0
etag: W/"63180df1-c842"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:28 GMT

GET
H2 200 video.lib.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/vod/ 461 KB
131 KB 243ms
243ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v2/helper/vod/video.lib.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
age: 0
etag: W/"6093454b-73376"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 myvne_users_redesign.js Show response
s1cdn.vnecdn.net/myvne/j/v95/ 80 KB
21 KB 250ms
249ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/myvne/j/v95/myvne_users_redesign.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 5239aa1193e7752a6967aa939eca477603942e20172df9145f6bace01dd64490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 09:46:32 GMT
age: 6
etag: W/"63c7bff8-14052"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:23 GMT

GET
H2 200 vne_redesign.js Show response
s1cdn.vnecdn.net/myvne/j/v95/plugins/ 9 KB
2 KB 253ms
253ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/myvne/j/v95/plugins/vne_redesign.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: c0fc796f3db3e151622a454de9fbd730f643055048ec429b9dd1492509a5432a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 08:18:19 GMT
age: 0
etag: W/"638711cb-238e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 chk Show response
ps.vnexpress.net/ps/ 20 B
309 B 1194ms
228ms Fetch
application/json 111.65.248.177
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.vnexpress.net/ps/chk?fosp_aid=ek9st41vtq3wuoyy.1675329687.des
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.248.177 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx /
Resource Hash: 8d67a2cdd68f61737b34610b8edd7355a918b7b0606044e556ab782b2bc4550e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
x-cache: Host personalize_hcm_134_88
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With

GET
H2 200 embed Show response
flo.uri.sh/visualisation/12485484/ Frame 0904 961 KB
267 KB 50ms
49ms Document
text/html 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/visualisation/12485484/embed
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/zepto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098372943a3890980120d544cf3da77ae5220998eee484d143de9c08a76111c7

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2
cache-control: max-age=0
cf-cache-status: HIT
cf-ray: 7931db5b9bce3688-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:28 GMT
last-modified: Mon, 30 Jan 2023 11:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhsTVk67u1mu9DWDhP10fr%2FPpU%2F1riwDJFHp8VTHJide2ZHvhmcr1HMnZ5heAcgzQT71%2B3tmdaNWCHDOlE2HayKeIJC4LzS%2B2Hb6T7%2B0R5WAGjSVdbEQDmViSlNvpNVXSQsYhCLZUzE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: UB7cmH3g/z+2nBiWrfu12AlXAwFpeMnraVr6p9A+SNPV4T+8q9wk2ZVZycCQFXA9E0JzAa+C2lg=
x-amz-request-id: RJ332NDW62692XZP
x-amz-version-id: wFDOek.W4ntiBdCvkngYQwLl6tfRTWb3

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
52ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=946454588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ul=en-us&de=UTF-8&dt=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=Scroll%20on%20%20Article&el=Scroll%2025%25%20article&_u=aGDAgEABQAAAAGAEK~&jid=&gjid=&cid=611417411.1675329686&tid=UA-50285069-28&_gid=36675206.1675329686&gtm=2wg1u0N3FNJF&cg1=Article&cg2=Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cg3=T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh&cg4=Kinh%20doanh&cg5=Kinh%20nghi%E1%BB%87m&cd1=1003159&cd5=ek9st41vtq3wuoyy.1675329687.des&cd7=Kinh%20nghi%E1%BB%87m&cd8=Article&cd9=4564117&cd10=1700000426&cd12=20230131005550&cd14=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%2C%20v%C3%A0ng%2C%20USD%2C%20ch%E1%BB%A9ng%20kho%C3%A1n%2C%20g%E1%BB%ADi%20ti%E1%BA%BFt%20ki%E1%BB%87m%2C%20%C4%91%E1%BA%A7u%20t%C6%B0%20v%C3%A0o%20%C4%91%C3%A2u%2C%20b%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20no%CC%81ng%2C%20T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh%2C%20Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cd17=No&cd19=Web&cd21=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F&cd22=1&cd24=0&cd25=text&cd26=&cd27=Kinh%20doanh&cd30=0&cd37=1004903&cd51=Scroll%2025%25%20article&cd61=on&cd71=0&cd76=3495&cd77=1077&cd78=B%C3%A0i&cd80=T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh&cd81=Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cd84=Ch%E1%BB%A9ng%20kho%C3%A1n%2C%20B%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20n%C3%B3ng&cd85=3761%2C%204072%2C%20980&cd55=611417411.1675329686&cm19=1&z=1790075978

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 11:06:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80123
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zeptousi.min.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/ 9 KB
4 KB 232ms
232ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/zeptousi.min.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: c3263042f6ebac63519ecdec6d8b241cd40abb309125f17b7044a7d8f8bb2a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:32 GMT
age: 0
etag: W/"60934550-223b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 choices.min.css
flo.uri.sh/template/2677/v21/static/choices/styles/css/ Frame 0904 5 KB
2 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/2677/v21/static/choices/styles/css/choices.min.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebf010cf3503db862eb22610bc84f1d2f0b174bac152f1e654e73fe9ead91ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/12485484/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
x-amz-version-id: Mj0s.KOceVrwhpLLyw0Bpub3uEXcLu2g
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9NTAHHS7YCQFP46X
age: 99937
x-amz-id-2: Gxw8hvOAoYznGAOw/Ws5qqa4Box6ExTgeNOrAkVfI7ofhO5JNchwy1mvgSG3oaFLdBUcxDrmpEI=
last-modified: Mon, 23 Jan 2023 12:44:27 GMT
server: cloudflare
etag: W/"ac45b0abe30007c417750608d660cf6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxC63F%2F9uv2Bn%2BZxLVo%2BH4jWGPYCdA2sbk4cOpoEfdUqg%2FfG0yt0dJHyixMzkMb%2BQVJiBD9kPqvaVmGvijUVlVXmoJ8aWDTRYjyDYkd6ti4nZzJnNo%2ByciKVxWH7IpnSVT5mKz2VPek%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 7931db5c0c3d3688-FRA

GET
H2 200 style.css
flo.uri.sh/template/2677/v21/static/ Frame 0904 1 KB
871 B 47ms
46ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/2677/v21/static/style.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f291acaadfdcfe1b7fe74dd747ebc7d203563b7f5273dc29fb1176fffbfba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/12485484/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:28 GMT
x-amz-version-id: wSADovtv8XwZE1o51ftedJJAJWdmWtlC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SGM2AK8AKMHNCJ65
age: 99932
x-amz-id-2: rJ7SmODKqsZxlwCsefjdPzKIjLN1VuUxJyorwNgiwleQyAloh4BjQMsvFARhYdUsmAb7h5XM7oc=
last-modified: Mon, 23 Jan 2023 12:44:27 GMT
server: cloudflare
etag: W/"4e1da9f7c73aef3bd3110faede5fdfd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLg0BXaE6OPNLVgb%2FWgdUqMt%2FFnZRf2wdhPExl8FRQJ%2BDUGU7PH3dyhCiC34gr%2BcDXYQeewolQVUNmmruiAHYNH%2BQxTXro2DzizBTOnaheVU3RI4LheFhPy4JvJe3yB0JGtUQYU826Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 7931db5c0c3e3688-FRA

GET
H2 200 embedded.js Show response
public.flourish.studio/resources/v3/ Frame 0904 11 KB
4 KB 40ms
40ms Script
application/javascript 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.flourish.studio/resources/v3/embedded.js
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f80d5f9ce4e4273e3dbdc43f418d37328216b79195165c14e65cc1c6ec34127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: m_y1UB4v7ETU4z0hzwLBXDr0tKBpOY8g
content-encoding: gzip
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:18:47 GMT
x-amz-cf-pop: FRA53-C1
age: 161
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 17:48:38 GMT
server: AmazonS3
etag: W/"dc19950f0ddddd9b7a5691ed2ee57cb9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: LOjcqvieZF81jLZ5fNFphfZyLiBwdnVpQeepQmINCm9FX0MvZpZ89Q==

GET
H2 200 icon-eclick.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/images/graphics/ 2 KB
1 KB 254ms
253ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/images/graphics/icon-eclick.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
age: 0
etag: W/"609344f4-757"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 logo_vlight.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/images/graphics/ 336 B
433 B 235ms
235ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/images/graphics/logo_vlight.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
last-modified: Wed, 22 Sep 2021 07:54:47 GMT
age: 0
etag: "614ae147-150"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 336
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/ 20 KB
7 KB 238ms
238ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/jquery.magnific-popup.min.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
age: 0
etag: W/"6093454f-4ef8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 Download_Huawei.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/ 7 KB
7 KB 229ms
229ms Image
image/png 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/Download_Huawei.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
age: 0
etag: "60934508-1c11"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 7185
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 Download_AppStore.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/ 4 KB
5 KB 230ms
229ms Image
image/png 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/Download_AppStore.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
age: 0
etag: "60934508-11d9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 4569
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 Download_PlayStore.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/ 7 KB
7 KB 424ms
424ms Image
image/png 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/Download_PlayStore.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
age: 0
etag: "60934508-1b18"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 6936
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 qr_app.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/ 65 KB
5 KB 427ms
427ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/qr_app.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:20 GMT
age: 0
etag: W/"60934508-104d3"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 qr_app_en.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/ 68 KB
7 KB 427ms
426ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/i/v736/v2_2019/pc/graphics/qr_app_en.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:20 GMT
age: 0
etag: W/"60934508-1110a"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 icon-eclick.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/images/graphics/ 2 KB
1013 B 516ms
515ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/images/graphics/icon-eclick.svg
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/general-file.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/general-file.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
age: 10
etag: W/"609344f4-757"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:19 GMT

GET
H2 200 logo_vlight.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/images/graphics/ 336 B
432 B 470ms
470ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/images/graphics/logo_vlight.svg
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/general-file.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/general-file.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
last-modified: Wed, 22 Sep 2021 07:54:47 GMT
age: 10
etag: "614ae147-150"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 336
expires: Thu, 02 Feb 2023 09:26:19 GMT

GET
DATA 200
OK truncated
/ Frame 0904 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0904 49 KB
20 KB 52ms
51ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 08:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3585
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Feb 2023 10:21:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0904 4 KB
747 B 82ms
81ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:17:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 09:21:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0904 3 KB
659 B 95ms
94ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac89d7e4b7c14d902ef5f62dd07f8d1ff2db26b27eccecceb573b6961f9958b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 08:07:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 09:21:29 GMT

POST
H3 200 collect
www.google-analytics.com/ Frame 0904 35 B
55 B 72ms
72ms Ping
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flo.uri.sh/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://flo.uri.sh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/fptonline-vn/trc/3/ 7 KB
3 KB 158ms
143ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/fptonline-vn/trc/3/json?tim=09%3A21%3A29.122&lti=deflated&data=%7B%22id%22%3A145%2C%22ii%22%3A%22%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1675176356772%2C%22vi%22%3A1675329689119%2C%22cv%22%3A%2220230131-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%22%2C%22vpi%22%3A%22%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4382%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-rr-02-a%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%201x1%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%201x1%22%2C%22cd%22%3A411%2C%22mw%22%3A300%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-rr-02-b%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%202x1%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%202x1%22%2C%22cd%22%3A411%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%2CRight%20Rail%20Thumbnails%201x1%3Dthumbnails-rr-02-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%202x1%3Dthumbnails-rr-02-b%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230131-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bba206c3e8428e38d318e1f9fc25739a21eceff446d32e4820ec06384db031d7

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 104
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220022-HHN
server: nginx
x-timer: S1675329689.158290,VS0,VE104
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://vnexpress.net
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0904 13 KB
13 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 13:30:55 GMT
x-content-type-options: nosniff
age: 417034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 13:30:55 GMT

GET
H2 200 commentv4.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/helper/interactions/ 63 KB
18 KB 259ms
259ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/helper/interactions/commentv4.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 6ec66550f21646e3d54c77ddf6186b47f927f63f7550ef4caeba523a409fa6f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:27:25 GMT
age: 0
etag: W/"62fdf7ed-fda4"
vary: Accept-Encoding
x-cache: MISS
x-handle: 0-1
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
public.flourish.studio/uploads/246936/ Frame 0904 38 KB
39 KB 46ms
45ms Image
image/png 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/246936/2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f69d003ea553ac3e670195e9e2ad3cbfee34ea9a2878ef3584f9c7c88be07310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: nja9j.58bBUawVY99iak2AbEb.MjVy4S
date: Thu, 02 Feb 2023 05:02:45 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 15525
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 39109
last-modified: Thu, 24 Mar 2022 04:06:11 GMT
server: AmazonS3
etag: "19d1806e6aa8a2d8ed7446f0293d48c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: E3ra1oNmaGxOCw2USv3d-m-b1x4SH5Yft5tgrA9ZvWjKL3gwwRF1jA==

GET
H3 200 u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0904 18 KB
18 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 15:30:42 GMT
x-content-type-options: nosniff
age: 409847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18836
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 15:30:42 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0904 19 KB
19 KB 61ms
60ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 17:07:22 GMT
x-content-type-options: nosniff
age: 144847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:07:22 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0904 18 KB
18 KB 75ms
74ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:52:52 GMT
x-content-type-options: nosniff
age: 232117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18416
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 16:52:52 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0904 12 KB
12 KB 87ms
86ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 08:26:14 GMT
x-content-type-options: nosniff
age: 435315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11792
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 08:26:14 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0904 20 KB
20 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 17:07:15 GMT
x-content-type-options: nosniff
age: 144854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:07:15 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0904 11 KB
11 KB 91ms
90ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:38:51 GMT
x-content-type-options: nosniff
age: 6158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11724
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:50:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 07:38:51 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0904 13 KB
13 KB 97ms
96ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:57:36 GMT
x-content-type-options: nosniff
age: 242633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 13:57:36 GMT

GET
H2 200 userx.20230131-18-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 39ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230131-18-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fptonline-vn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56f9f67f1f0195ae76d9afdb44b0b9737185d460186ac73ed29cb77f161319cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: W61elKHyuCeQIriN6TSHIWPf3uYJ36Ws
content-encoding: gzip
via: 1.1 varnish
date: Thu, 02 Feb 2023 09:21:29 GMT
x-amz-request-id: BWMNYVXRWJ07BDXD
age: 57185
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5399
x-amz-id-2: GnA71yo0pPMhrVoS15xnm8JJDvomYL83FQH5lc8ZVxO6+if7QH2DnXHYnfFkSqTLvrfz5wBVzkA=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Wed, 01 Feb 2023 17:28:24 GMT
server: AmazonS3
x-timer: S1675329689.476971,VS0,VE0
etag: "5876378f87aa109b800297ac4a556b95"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 23
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 26246

GET
H2 200 3e3ee61e8f3de09113fe9db9deb17882.png
cdn.taboola.com/libtrc/static/thumbnails/ 59 KB
59 KB 40ms
40ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/3e3ee61e8f3de09113fe9db9deb17882.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35de43836b10b31e69db065b571c598efd4dbb173426246ec83d837844c30984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: HKGRclu1NgnwZEDq.JfpOzfu0ooU8U.8
date: Thu, 02 Feb 2023 09:21:29 GMT
via: 1.1 varnish
x-amz-request-id: 91D9FYZFG5PM3980
age: 74
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 60485
x-amz-id-2: TcDJm/p2rIAWd6MZmMI7NqtNMWJjKbw8xPt5WzNyg9bm7bx6y6Q3PmDYFhYqdhzfJNly2MlQXys=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Tue, 20 Aug 2019 08:33:31 GMT
server: AmazonS3
x-timer: S1675329689.477940,VS0,VE2
etag: "84d3c112a472cbe289d67c170d392060"
content-type: image/png
abp: 23
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0904 8 KB
8 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a619ae1c332145518f3ed463be52e3c71f63ecd71b0fdeae601b1878170005a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 23:29:29 GMT
x-content-type-options: nosniff
age: 467520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7852
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:29:29 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0904 4 KB
4 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e0839c2fc964208d157d5582aa3629465196ad2d90b9aee7ba1a480d8ec40a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 18:04:41 GMT
x-content-type-options: nosniff
age: 573408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4216
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 18:04:41 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0904 8 KB
8 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880fc37f5a324b19d0624937dd1235625399588bebfe5c703930d6f3e1409285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 02:07:05 GMT
x-content-type-options: nosniff
age: 544464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7820
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 02:07:05 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0904 4 KB
4 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4de44eab29462e426981eca31a2e82331fbc494e64633889321a3b8db175527c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 16:42:09 GMT
x-content-type-options: nosniff
age: 578360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:42:09 GMT

GET
H2 200 jquery.magnific-popup-1.1.min.js Show response
s1.vnecdn.net/myvne/j/v1/lib/ 20 KB
7 KB 237ms
237ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/myvne/j/v1/lib/jquery.magnific-popup-1.1.min.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v95/myvne_users_redesign.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 07:16:08 GMT
etag: W/"62de4338-4ef8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sat, 03 Feb 2024 09:21:29 GMT

GET
H2 200 myvne-2023-PC.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/ 12 KB
3 KB 232ms
232ms Stylesheet
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2_2019/pc/myvne-2023-PC.css
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v95/myvne_users_redesign.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 89ebfc3d5a692b3490ded59577ec232b847274f6b811fea414cf69a2641203e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 02:27:33 GMT
age: 0
etag: W/"63bf7015-2ece"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:29 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 192 KB
76 KB 465ms
126ms Script
application/javascript 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v95/myvne_users_redesign.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

530752728a396ddcdd46e2a062834d6fdd475ad5199b9beab914088203fb1fac

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce--4klQc1Mfi1JUkcCK9Wd9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce--4klQc1Mfi1JUkcCK9Wd9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 02 Feb 2023 09:21:29 GMT

GET
H2 200 myvne_2019.css
s1cdn.vnecdn.net/myvne/c/v95/ls/ 12 KB
3 KB 237ms
236ms Stylesheet
text/css 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/myvne/c/v95/ls/myvne_2019.css
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/modules/detail.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 26347690a42de76f183305c56c8d2544d67a6a70defc5a86164953528e306fb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 02:20:03 GMT
age: 5
etag: W/"60c02553-2e60"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:24 GMT

GET
H2 200 fda4c087393d1710f10be4d3437dc893.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 43ms
42ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fda4c087393d1710f10be4d3437dc893.jpg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2dd012ca744583da20cc55879eafa5fbd9ad2a4d45bbb3a5bc022ff9bf0cb73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 02 Feb 2023 09:21:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fda4c087393d1710f10be4d3437dc893.jpg
age: 2932022
edge-cache-tag: 559557923178050455341282029807793916273,443836174948430876860534762507222327829,29ecf9b93bbf306179626feeda1fab70
cache-tag: 559557923178050455341282029807793916273,443836174948430876860534762507222327829,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 85
expiration: expiry-date="Sat, 14 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.athensvoice.gr/
content-length: 10552
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000037-IAD, cache-iad-kiad7000042-IAD, cache-sna10749-LGB, cache-iad-kjyo7100132-IAD, cache-hhn-etou8220022-HHN
last-modified: Wed, 14 Dec 2022 15:09:26 GMT
server: nginx
x-timer: S1675329690.560003,VS0,VE2
etag: "59c49669a0a3e7c76f2066d6b58e8ae7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 3, 1

GET
H2 200 cta-component.20230131-18-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 40ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230131-18-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fptonline-vn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72f72c9ca1e1846f22ebb87b36b7241191fe492ee74b6b2764da69fc2c70bbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: XOViudRVpkDqjGKOPuKoLDbtRJvokEhO
content-encoding: gzip
via: 1.1 varnish
date: Thu, 02 Feb 2023 09:21:29 GMT
x-amz-request-id: VP9TVKRDRZNF6CJF
age: 57221
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4597
x-amz-id-2: ANuHnZMgA5p+L9WKZUIrUg5kAfx9tTaggGp+FOQKcu6dnA2bhJ44FsK50NTmb5wsbbkB1zqSVT8=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Wed, 01 Feb 2023 17:27:49 GMT
server: AmazonS3
x-timer: S1675329690.886278,VS0,VE0
etag: "6176cd260e11fa248a0ffbf5ad1ac834"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 23
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 100285

GET
H2 200 ar Show response
ps.vnexpress.net/u/ 34 B
344 B 225ms
224ms Fetch
text/plain 111.65.248.177
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.vnexpress.net/u/ar?fosp_aid_list=&aid_list=4564117,4565033,4564889,4565024,4565485,4565775,4564887,4564949,4565156,4565639,4565161,4564835,4565853,4565539,4565242,4564984
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/blocks/detail/1003159.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.248.177 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx /
Resource Hash: 294f23e399066488129f75c2f4c28b65972c093b8e77314e74030e3ea1760a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 142ms
50ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 144ms
50ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 72 KB
22 KB 387ms
386ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3315255875517188&correlator=1871151609340959&eid=31072017%2C31072024%2C31072030%2C31072041&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CMasthead%2CKinhdoanh%2CKinhdoanh.tiencuatoi.detail%2CLarge1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F6%2F4%2F5&prev_iu_szs=320x50%7C3x3%7C970x250%7C1920x270%7C1100x250%2C320x50%7C1x1%7C300x250%7C300x300%7C300x500%7C300x540%7C300x600&fluid=height%2Cheight&ifi=1&adks=3450315883%2C1045740163&didk=1042126350~4056979791&sfv=1-0-40&eri=1&cust_params=tags%3Dk%25C3%25AAnh%2520%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%252Cv%25C3%25A0ng%252Cusd%252Cch%25E1%25BB%25A9ng%2520kho%25C3%25A1n%252Cg%25E1%25BB%25ADi%2520ti%25E1%25BA%25BFt%2520ki%25E1%25BB%2587m%252C%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%2520v%25C3%25A0o%2520%25C4%2591%25C3%25A2u%26liston%3D1003159%252C1003179%252C1004903%26article_type%3D1%26article%3D4564117%26category%3D1004903%26cpd%3D5%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dmasterise&sc=1&cookie_enabled=1&abxe=1&dt=1675329689912&lmt=1675329689&dlt=1675329685426&idt=1067&adxs=-9%2C1050&adys=-9%2C391&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&frm=20&vis=1&psz=0x-1%7C300x0&msz=0x-1%7C300x0&fws=2%2C4&ohw=0%2C300&ga_vid=611417411.1675329686&ga_sid=1675329690&ga_hid=946454588&ga_fc=true&ga_cid=36675206.1675329686

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8b4e367cf083cf5801fbc13aab544dbe3374f9b6fd7393df675667a09591e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21994
x-xss-protection: 0
google-lineitem-id: -1,6212043300
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138421965166
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3a5d6ae81e002caeda0eb340b39787f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0A0 6 KB
3 KB 383ms
88ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3a5d6ae81e002caeda0eb340b39787f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:21:30 GMT
expires: Fri, 02 Feb 2024 09:21:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 620ms
302ms Script
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 09:21:30 GMT

GET
BLOB 200
OK 3aade46d-5bf6-49c5-8481-8fc9c134365b
https://vnexpress.net/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vnexpress.net/3aade46d-5bf6-49c5-8481-8fc9c134365b
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 jquery.cookie.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/scripts/helper/ 702 B
586 B 237ms
236ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/scripts/helper/jquery.cookie.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 5cf28dfcd67fd864cea7b615705eb2dcc9840531a31d6b30d322f6f04ba689ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:24 GMT
age: 13
etag: W/"60934548-2be"
vary: Accept-Encoding
x-cache: MISS
x-handle: 0-1
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:17 GMT

GET
H2 200 symbol-defs.svg Show response
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/images/graphics/ 47 KB
10 KB 245ms
245ms XHR
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/images/graphics/symbol-defs.svg
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/helper/interactions/commentv4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 68ba37484842d6afca1056ba46fae1051436633e6f92d33f8c62fcf034331b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
age: 0
etag: W/"609344f4-bceb"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:30 GMT

GET
H2 200 get Show response
usi-saas.vnexpress.net/index/ 2 KB
2 KB 1179ms
470ms XHR
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/index/get?offset=0&limit=25&frommobile=0&sort=like&is_onload=1&objectid=4564117&objecttype=1&siteid=1003159&categoryid=1004903&sign=8ebc420fdac818cbb79b32eb7d9b837b&tab_active=most_like&cookie_aid=ek9st41vtq3wuoyy.1675329687.des&usertype=4&template_type=1&app_mobile_device=0&title=K%C3%AAnh+%C4%91%E1%BA%A7u+t%C6%B0+n%C3%A0o+sinh+l%E1%BB%A3i+t%E1%BB%91t+nh%E1%BA%A5t+t%E1%BB%AB+Covid-19+%C4%91%E1%BA%BFn+nay%3F+-+VnExpress+Kinh+doanh
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/zepto.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10277inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 19437f20ae68004c346fdc30f7976d17feaea4d211b04cba8ea3608b368ef3dc

Request headers

Accept: application/json
Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
last-modified: Thu, 02 Feb 2023 09:21:31 GMT
server: 10277inhcdd10bf7c7468e873e79ba2ad134
etag: "jxrZKirTmCKkr0L8uMD2yA=="
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=30
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 2004

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 loading1.gif
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/images/graphics/ 21 KB
21 KB 265ms
259ms Image
image/gif 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/images/graphics/loading1.gif
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 2b90449d72d176b940402f6f97e8587bc8e96c67e8b7d85bc1ca6e9278baa6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:30 GMT
last-modified: Thu, 06 May 2021 01:22:32 GMT
age: 13
etag: "609344d8-5245"
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 21061
expires: Thu, 02 Feb 2023 09:26:17 GMT

GET
H2 200 e57b71bf78acc992724d5578cda0e53a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 41ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a830916966786ee3b6c0e76353c983fb4dca7aa3e48dea8373f1f6959cb9ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 02 Feb 2023 09:21:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
age: 1993394
edge-cache-tag: 581642981813423033132911081436147160939,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581642981813423033132911081436147160939,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 553
req-referer: https://vnexpress.net/
content-length: 10396
x-request-id: 621d0be1da00a094094d3a185a296762
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000043-IAD, cache-iad-kcgs7200168-IAD, cache-bur-kbur8200168-BUR, cache-iad-kjyo7100059-IAD, cache-hhn-etou8220022-HHN
last-modified: Wed, 04 Jan 2023 20:01:52 GMT
server: nginx
x-timer: S1675329690.976417,VS0,VE1
etag: "e94e41559aea421e41559e0ab1273bb4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 36, 1

GET
H2 200 e7a8223952136a6563335b1f0b38eccd.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 77 KB
77 KB 44ms
43ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/e7a8223952136a6563335b1f0b38eccd.gif
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: fc792e72b748dca1ea6bfa01e071f8cae61046c81a49f0727ef39d4e5e03a576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 02 Feb 2023 09:21:29 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/e7a8223952136a6563335b1f0b38eccd.gif
age: 2791707
edge-cache-tag: 310757176477095042690802128446886353326,478825092893247410870873368102084993909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310757176477095042690802128446886353326,478825092893247410870873368102084993909,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT
expiration: expiry-date="Fri, 06 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 78408
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kjyo7100166-IAD, cache-iad-kjyo7100166-IAD, cache-hhn-etou8220022-HHN
last-modified: Tue, 06 Dec 2022 00:18:43 GMT
server: cloudinary
x-timer: S1675329690.976353,VS0,VE1
etag: "0bbfa070df7fcb892f1fcc884b238a7f"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 37, 1

GET
H2 200 wpn.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v4192/v3/production/ 84 KB
22 KB 241ms
240ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v4192/v3/production/wpn.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v95/myvne_users_redesign.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 095fa7cceb9c3b41a5d4f2ae1915718c855a613036d36b3648be2618c585890d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 05:24:08 GMT
etag: W/"63b65ef8-15156"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sat, 03 Feb 2024 09:21:30 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 111ms
110ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3315255875517188&correlator=1894073711498728&eid=31072017%2C31072024%2C31072030%2C31072041&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CRichmedia%2CKinhdoanh%2Ckinhdoanh.tiencuatoi.detail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50%7C1x1&fluid=height&ifi=3&adks=3076141276&didk=3236254227&sfv=1-0-40&eri=1&cust_params=tags%3Dk%25C3%25AAnh%2520%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%252Cv%25C3%25A0ng%252Cusd%252Cch%25E1%25BB%25A9ng%2520kho%25C3%25A1n%252Cg%25E1%25BB%25ADi%2520ti%25E1%25BA%25BFt%2520ki%25E1%25BB%2587m%252C%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%2520v%25C3%25A0o%2520%25C4%2591%25C3%25A2u%26liston%3D1003159%252C1003179%252C1004903%26article_type%3D1%26article%3D4564117%26category%3D1004903%26cpd%3D5%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dmasterise&sc=1&cookie_enabled=1&abxe=1&dt=1675329689966&lmt=1675329689&dlt=1675329685426&idt=1067&adxs=250&adys=3868&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=4&ohw=1600&ga_vid=611417411.1675329686&ga_sid=1675329690&ga_hid=946454588&ga_fc=true&ga_cid=36675206.1675329686

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ded7fe96b84bcd4bd4c423e259aa64f9d9d3acf02457288a6c0f862e36ace8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9708
x-xss-protection: 0
google-lineitem-id: 6213680815
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138421311219
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 391ms
390ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3315255875517188&correlator=550047033220779&eid=31072017%2C31072024%2C31072030%2C31072041&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CNativeshop%2CKinhdoanh%2Ckinhdoanh.tiencuatoi.detail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50%7C300x250%7C300x500%7C300x600&fluid=height&ifi=4&adks=432526484&didk=16371327&sfv=1-0-40&eri=1&cust_params=tags%3Dk%25C3%25AAnh%2520%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%252Cv%25C3%25A0ng%252Cusd%252Cch%25E1%25BB%25A9ng%2520kho%25C3%25A1n%252Cg%25E1%25BB%25ADi%2520ti%25E1%25BA%25BFt%2520ki%25E1%25BB%2587m%252C%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%2520v%25C3%25A0o%2520%25C4%2591%25C3%25A2u%26liston%3D1003159%252C1003179%252C1004903%26article_type%3D1%26article%3D4564117%26category%3D1004903%26cpd%3D5%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dmasterise&sc=1&cookie_enabled=1&abxe=1&dt=1675329689969&lmt=1675329689&dlt=1675329685426&idt=1067&adxs=1050&adys=922&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=516&ohw=300&ga_vid=611417411.1675329686&ga_sid=1675329690&ga_hid=946454588&ga_fc=true&ga_cid=36675206.1675329686

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d980075cb998187e680e4e95af826439b328b107c131eb3b8f8ee1f674f4de1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11421
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
public.flourish.studio/uploads/246936/ Frame 0904 38 KB
39 KB 46ms
46ms Image
image/png 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/246936/2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f69d003ea553ac3e670195e9e2ad3cbfee34ea9a2878ef3584f9c7c88be07310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: nja9j.58bBUawVY99iak2AbEb.MjVy4S
date: Thu, 02 Feb 2023 05:02:45 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 15526
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 39109
last-modified: Thu, 24 Mar 2022 04:06:11 GMT
server: AmazonS3
etag: "19d1806e6aa8a2d8ed7446f0293d48c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ViXFtk0QhofVjyn8JqXycgQaem2QrgvvL2fkfpQ__IJ8ibfahuJg4g==

GET
H2 204 debug
am-trc-events.taboola.com/fptonline-vn/log/2/ 0
89 B 107ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/fptonline-vn/log/2/debug?tim=09%3A21%3A30.262&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7913&cv=20230131-18-RELEASE&lt=deflated&pct=1
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41389

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C066 0
0 89ms
88ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukBd95SnYuftg9KUlUfP_Ko9UMxZdiOYvh2Nr-nQ2Uugh0ob6V2y6iRg4LsBBdJkvJGYWKKXvhsGAUF7ekFgXT88sCroIBdXKw2BCo4xUciiPwUlQUdxg3GaouD8eJ4bG_S58fQv9b5pyKy29UhLsfkTitb5YpHexOqfJLSTcnE8D1S3ti6JeWnXogx_9Z_h7me6aT1Eip7Obp-c_ifx9rAG-fCm0nCnb1Mr1QeEHAwTCh6v0dBKy9Fsozfkgf-QfGp8YqJr1z71w9OZt_XFnxrtDIlYnmskEBRygkKqMfVQNJ9SUEyDxZv-5PIn31JPM5KkdqmaGuKzIS2nMC3nB9zx8F3P76nK4uW9A7spqU3DdTV92PXQ2Ei8_W_X9VEX2Pcd1MHQKyJJxsrg&sai=AMfl-YQlRR8tGYa53d-tjxLnjBm72i7pXrNZnHMVVgxt5b7MrxQCvrsrlotT3x61KAPdq3SHcsgzXpWTMk1jvl5mtnLWVYzIgyP6AwO9ifO55Sdzsi2WGkVaqrYkbva92Wz9K__EV60DpPRRzSvasQE&sig=Cg0ArKJSzKvOZseOcj2kEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:30 GMT

GET
H2 200 6375.js Show response
go.trvdp.com/init/ Frame C066 6 KB
6 KB 156ms
40ms Script
binary/octet-stream 13.227.219.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/6375.js?pid=4726
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-63.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7724cda0ca9bde83c679a7a753b3e694368c258509d8fb3d1cbac60164e9ad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:57:02 GMT
via: 1.1 38f6d324a75dff585b0ce25920fd4bda.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 06:58:43 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 2013869
etag: "aa66db84870d068607d21955c287f386"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: IkSBn_LcgAoML1RZetISHrAZ7WvXfHcHLOIG2Qu8uW4juomJD4UeiQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C066 157 KB
48 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:21:30 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 82ms
81ms Stylesheet
text/css 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XrhX3WNIiL58m6bx22dguw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-XrhX3WNIiL58m6bx22dguw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 02 Feb 2023 09:21:30 GMT

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 242 B
572 B 233ms
233ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4564949-3;4565639-1;4565156-1;4565024-1;4564984-3&
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10477inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 783f3df68245db7a9c5bf199c37900265d429fda0be81f67f46d80c5aaa32ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
cache-control: max-age=30
last-modified: Thu, 02 Feb 2023 09:21:30 GMT
server: 10477inhcdd10bf7c7468e873e79ba2ad134
etag: "M0TBcvsZ/hCUcdrx12VGKg=="
content-length: 242
content-type: text/javascript; charset=utf-8

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301181928000/ Frame 78C7 221 KB
61 KB 225ms
57ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61734
x-xss-protection: 0
server: sffe
etag: "5b4f5406239652c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 78C7 15 KB
5 KB 359ms
191ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "47662644ea8653a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 78C7 94 KB
28 KB 361ms
193ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28817
x-xss-protection: 0
server: sffe
etag: "6eb387830c268337"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 78C7 5 KB
2 KB 385ms
217ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "f13d3e1d36b26a3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 78C7 40 KB
13 KB 386ms
218ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12960
x-xss-protection: 0
server: sffe
etag: "f74ebce85e2cb18a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
DATA 200
OK truncated
/ Frame 78C7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc1db64abea939caaf19587e4f03ed00348261f4897fce4de89254a170858bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D0F2 0
0 103ms
90ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRwdQcBYgKplX76f1f8czL9tO3u1-WLrB67ymS0hVFuhn4OgoiuY7A2NCYQmdRfOvPmdHlHKVM_FTfn6IKz5I_i4KDAJFfrJTufuJEQ4mWDO-G4rbgdtBqIb7f9IWJ9_EfqHzt64CLvFRpvBMCjikTqYZwxRLscEGeNNRx06wnsNeAdVTHCjPQ-GsWqaVCqv6chmSnl8A55JjHLlNpQ2bpNAkb47JGYevONp7TUBoje5aM6rkRSD37jU2x_LM6d-J3DSHGGNlLUPO0eZLXwfu8UI3d2BR9b3GbDaZ28iMilXxJ8Enxs5nkQ5KqOysO2MrX0NpuGgsc2g9FesEozGJZJlZ5qCaUAU7qoFHhMpVQd7xtiUeNWZKRvhdi3-qcMaOcc1PeNVBj9w&sai=AMfl-YRzIjILc2b9hgetAld9-mU2CAlKd5dRFXzSACTecO3fUrBXuNESWTHCQzcAZGb-OQ6KVMGe8SgPehuy_8sXGKyKvVlEKcNdZ2hGwDGctn-jLtyyqLNYI18bUp8hHtmXHqFI6CvKgvqt8ajUVUg&sig=Cg0ArKJSzFWKfsZC1N47EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:30 GMT

GET
H2 200 hb_690161_16089.js Show response
player.hb.selectmedia.asia/prebidlink/465369/ Frame D0F2 436 KB
134 KB 237ms
41ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 9123ac173de088f56e3ebaccf98c4285e5e8190536e124f2ef4634106899b85d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 03:49:05 GMT
server: nginx
etag: W/"63915eb1-6d0ef"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 04 Feb 2023 09:21:30 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D0F2 80 KB
27 KB 111ms
98ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be6695f912b24456df12e45909353ad53d21ce4f29c76eedd23fb22940ab9a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27561
x-xss-protection: 0
server: sffe
etag: "1470 / 701 of 1000 / last-modified: 1675292875"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Feb 2023 09:21:30 GMT

GET
H2 200 uam2_wrapper_hb_690161_16089.js Show response
player.hb.selectmedia.asia/prebidlink/465369/ Frame D0F2 2 KB
1007 B 331ms
136ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/465369/uam2_wrapper_hb_690161_16089.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 19d225b14e230575ecc063488ffb9e456701ccd6757d2f0a0e49dbc6512fbe7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 14:54:36 GMT
server: nginx
etag: W/"63d92bac-687"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 04 Feb 2023 09:21:30 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame D0F2 193 KB
47 KB 209ms
54ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:28:43 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 21:25:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 3168
x-amz-server-side-encryption: AES256
etag: W/"a32dad266af898d87dd85cf65ca93536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: mUkUD1lJFIkqi0aik1nkkBU49BkCm3N8Hk85c9NNrAD86KrShe7-fQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0F2 157 KB
48 KB 73ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:21:30 GMT

GET
H2 200 15145837104939144541
tpc.googlesyndication.com/daca_images/simgad/ Frame 78C7 135 KB
135 KB 257ms
155ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15145837104939144541

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e112c1ce5ff7e0345a95a12df3f67ef53f69d37f7115a0e7783e2b168e69de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 14:22:43 GMT
x-content-type-options: nosniff
age: 241127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138513
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 02:55:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Jan 2024 14:22:43 GMT

GET
H2 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 78C7 3 KB
3 KB 174ms
90ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:34:58 GMT
x-content-type-options: nosniff
server: cafe
age: 60392
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3099
x-xss-protection: 0
expires: Thu, 02 Feb 2023 16:34:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 78C7 344 B
449 B 178ms
94ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:46:04 GMT
x-content-type-options: nosniff
server: cafe
age: 77726
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 02 Feb 2023 11:46:04 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 78C7 0
0 103ms
93ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CF-PUmoDbY8k6pJf27w_Cg7ngBOyMk9htotz2o60Q6t2p5g0QASDHx58jYJXCpoKwB6AB2bqL-QHIAQKpAg4S5X54ccc94AIAqAMByAMIqgSGAk_Q6dVwCf6G7GGp7fY_hs7TtYF43SSBSRqaxR1kDjFusset5L-ZNGT62e9wUnfmp_yFl4zJlaW_8nrCqK0JjdkKQUxs1QzeERJauObRUDv7sqJ3KMt4ofGCI-4mKzct8H7waMLI_hWZDA9BZjZjGrQ9REu2muHvxNcnOwdP46awXHnNancDNe67YuaakJSjcKFYKdC7-mK2mbBaaH21k5qOkWTZHaLLzYV63fi8VUiYhHRSuFbrrw8dlpRXsIDSlp69aQks7RADbxKixmqbzvRNTIHTDvZgZtLHsGCUTJBSpgXRpNVMXATqr-TdnlJLrWC-TX6L9a3mGkJQ-6TChHQe97jkjODABOff7saOBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAePxfSGAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMvcEdIIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTE0ODEwMTk3NTQxODQ5NTUYz7MT&sigh=TYgGcZWBsOo&uach_m=[UACH]&cid=CAQSSwDUE5ymb7wpI9DG11RMQmZddHHOMuoDkcHUjnOgTGzupGetHIe6R1B6awlo74NdKT1PvAr62XOaJw1lIt6q2drDZRxiYf4cxtvbQxgB
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301181928000/ Frame 1314 221 KB
60 KB 232ms
114ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61734
x-xss-protection: 0
server: sffe
etag: "5b4f5406239652c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 1314 15 KB
5 KB 222ms
220ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "47662644ea8653a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 1314 94 KB
28 KB 222ms
221ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28817
x-xss-protection: 0
server: sffe
etag: "6eb387830c268337"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 1314 5 KB
2 KB 233ms
232ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "f13d3e1d36b26a3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 1314 40 KB
13 KB 234ms
233ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12960
x-xss-protection: 0
server: sffe
etag: "f74ebce85e2cb18a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1314 3 KB
3 KB 217ms
152ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:34:58 GMT
x-content-type-options: nosniff
server: cafe
age: 60392
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3099
x-xss-protection: 0
expires: Thu, 02 Feb 2023 16:34:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1314 344 B
402 B 205ms
154ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:46:04 GMT
x-content-type-options: nosniff
server: cafe
age: 77726
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 02 Feb 2023 11:46:04 GMT

GET
DATA 200
OK truncated
/ Frame 1314 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00102285db9623b3e892722351fc016242cff5029cda50229f8b046df3445cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9304032762426478131
tpc.googlesyndication.com/simgad/ Frame 1314 115 KB
115 KB 95ms
44ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9304032762426478131?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmO0sFIaryVnF4-Oh9k42SLB7dBDA

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d163a380f9580a18ebc0f30c69f913f5fa2adea7bfa345503e851a10f561c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 14:30:05 GMT
x-content-type-options: nosniff
age: 240685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117400
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 02:54:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Jan 2024 14:30:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1314 0
0 110ms
110ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-WI_moDbY6e7ArSn9u8PxpmkgA7sjJPYbdLb9qOtEOrdqeYNEAEgx8efI2CVwqaCsAegAdm6i_kByAECqQIOEuV-eHHHPeACAKgDAcgDCKoEhQJP0Fwg2e2ntnQX9MpL-4I6N8ZZok3Va1y4zCTH05DNjqhyZJSwam9sGzPIMxEWz0Qx3r5H3zTjvYQGnRFS-rFZ1-u_39nKsQIvJWiG_FpvqYU13cEw8pj-TqzSNQOpJF1UV73eucEwGDrbdqDiAYbn9ZWDJnuzwFARZZM3qhcn359Nj9e-vzq0A-Ijrb6153K4JJsVPgl25JjHcqNTSV0MMUU8O6G3nYWmVt8V9_6JnauhWm7YLBFyz_aFL0Su0kyUcyFN3PzwpB3xHAy1R1d6CKuMfreS7jiqRTgHPQ55lcsSYG5732IKrSww5Jm-6Be__9ZGivFNXWPuomb0JDKDnkwreyzABOff7saOBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAePxfSGAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEObVDNIIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTE0ODEwMTk3NTQxODQ5NTUYz7MT&sigh=lvb6SaZJE8M&uach_m=[UACH]&cid=CAQSTADUE5ymZMOEVOlvc9TCZF5UPJo5NchjGqtjS2bpZM4ubgAs3iEiUoeSZMjSqeVOihZyBlNlcgU8FwU6_G0NpUYbVJECS_6-3z3uwE8YAQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 233A4431-1675127823.jpg
vcdn1-kinhdoanh.vnecdn.net/2023/01/31/ 37 KB
38 KB 1191ms
474ms Image
image/jpeg 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2023/01/31/233A4431-1675127823.jpg?w=300&h=180&q=100&dpr=1&fit=crop&s=5ckxF9UOrB5uYNS7VuEpew
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: df16100b69ba78ccf7b7d734ea78814b64992f7479564ba0029528c68eca5ea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:31 GMT
last-modified: Tue, 31 Jan 2023 02:29:47 GMT
age: 0
x-cache: MISS
x-handle: 249-19
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 38206
expires: Wed, 08 Feb 2023 11:27:20 GMT

GET
H2 200 QUYN8923-1675240243-7376-1675240283.jpg
vcdn1-kinhdoanh.vnecdn.net/2023/02/01/ 25 KB
25 KB 1142ms
466ms Image
image/jpeg 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2023/02/01/QUYN8923-1675240243-7376-1675240283.jpg?w=300&h=180&q=100&dpr=1&fit=crop&s=876NA1bNmI8rt9jEKObBOQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: c5f617b19f81c10606962b0976952f582cfea4561d00e1986d618d14bee10901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:31 GMT
last-modified: Wed, 01 Feb 2023 08:31:37 GMT
age: 0
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 25820
expires: Wed, 08 Feb 2023 11:27:20 GMT

GET
H2 200 img-0130-jpg-1675155817-7398-1675155826.jpg
vcdn1-kinhdoanh.vnecdn.net/2023/01/31/ 28 KB
28 KB 1031ms
487ms Image
image/jpeg 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2023/01/31/img-0130-jpg-1675155817-7398-1675155826.jpg?w=300&h=180&q=100&dpr=1&fit=crop&s=WO_CgfovE62GrnqkZG8ofw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 4ae92596e207654c9980013b91f40cb28b6651916b6472892a85573932c134ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:31 GMT
last-modified: Tue, 31 Jan 2023 09:03:54 GMT
age: 0
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 28441
expires: Wed, 08 Feb 2023 11:27:20 GMT

GET
H2 200 viathantai-4-jpg-1675135798-4360-1675135840.jpg
vcdn1-kinhdoanh.vnecdn.net/2023/01/31/ 78 KB
78 KB 1004ms
487ms Image
image/jpeg 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2023/01/31/viathantai-4-jpg-1675135798-4360-1675135840.jpg?w=300&h=180&q=100&dpr=1&fit=crop&s=5Q7KrgAbJFwUGQovU7pT2A
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 0556593d45f8d74694d7df220eaf221ebb780fa1341f22a05c908774eccd9e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:31 GMT
last-modified: Tue, 31 Jan 2023 03:30:45 GMT
age: 0
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 79867
expires: Wed, 08 Feb 2023 11:27:20 GMT

GET
H2 200 viathantai-14-jpg_1675132827-1675133824.jpg
vcdn1-kinhdoanh.vnecdn.net/2023/01/31/ 84 KB
85 KB 981ms
559ms Image
image/jpeg 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2023/01/31/viathantai-14-jpg_1675132827-1675133824.jpg?w=300&h=180&q=100&dpr=1&fit=crop&s=IM9yknlRno9Da9URuHAu9g
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 09d10d0ccfe4487ce5c7ea35626a2af092a85d8c99054de6086e62197ad178fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:31 GMT
last-modified: Tue, 31 Jan 2023 02:57:36 GMT
age: 0
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 86021
expires: Wed, 08 Feb 2023 11:27:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 79ms
79ms XHR
text/plain 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=946454588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ul=en-us&de=UTF-8&dt=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article%20Link%20Display&ea=Box-XemNhieuNhat&el=Item-0&_u=aGDAAEABQAAAAGAEK~&jid=1962506636&gjid=470365040&cid=611417411.1675329686&tid=UA-50285069-28&_gid=36675206.1675329686&_r=1&_slc=1&gtm=2wg1u0N3FNJF&cd1=1003159&cd5=ek9st41vtq3wuoyy.1675329687.des&cd7=Kinh%20nghi%E1%BB%87m&cd8=Article&cd9=4564117&cd10=1700000426&cd12=20230131005550&cd14=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%2C%20v%C3%A0ng%2C%20USD%2C%20ch%E1%BB%A9ng%20kho%C3%A1n%2C%20g%E1%BB%ADi%20ti%E1%BA%BFt%20ki%E1%BB%87m%2C%20%C4%91%E1%BA%A7u%20t%C6%B0%20v%C3%A0o%20%C4%91%C3%A2u%2C%20b%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20no%CC%81ng%2C%20T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh%2C%20Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cd17=No&cd19=Web&cd21=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F&cd22=1&cd24=0&cd25=text&cd26=&cd27=Kinh%20doanh&cd37=1004903&cd66=0&cd71=0&cd76=3495&cd77=1077&cd78=B%C3%A0i&cd80=T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh&cd81=Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cd84=Ch%E1%BB%A9ng%20kho%C3%A1n%2C%20B%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20n%C3%B3ng&cd85=3761%2C%204072%2C%20980&cd55=611417411.1675329686&cd32=Box-XemNhieuNhat&cd33=Item-0&cm9=1&z=959810931

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 79ms
78ms XHR
text/plain 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=946454588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ul=en-us&de=UTF-8&dt=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article%20Link%20Display&ea=Box-XemNhieuNhat&el=Item-0&_u=aGDAAEABQAAAAGAEK~&jid=891757629&gjid=244506593&cid=611417411.1675329686&tid=UA-169360081-2&_gid=36675206.1675329686&_r=1&_slc=1&gtm=2wg1u0N3FNJF&cg1=Article&cg2=Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cg3=T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh&cg4=Kinh%20doanh&cg5=Kinh%20nghi%E1%BB%87m&cd1=1003159&cd2=Kinh%20doanh&cd3=1004903&cd4=Kinh%20nghi%E1%BB%87m&cd5=Article&cd6=Web&cd9=ek9st41vtq3wuoyy.1675329687.des&cd11=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F&cd12=4564117&cd13=text&cd14=20230131005550&cd18=Ch%E1%BB%A9ng%20kho%C3%A1n%2C%20B%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20n%C3%B3ng&cd19=T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh&cd20=Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&cd55=611417411.1675329686&cm2=1&z=259748170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 55ms
55ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-57577CKS2C&gtm=2oe210&_p=946454588&cid=611417411.1675329686&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675329686&sct=1&seg=0&dl=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&dt=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%20n%C3%A0o%20sinh%20l%E1%BB%A3i%20t%E1%BB%91t%20nh%E1%BA%A5t%20t%E1%BB%AB%20Covid-19%20%C4%91%E1%BA%BFn%20nay%3F%20-%20VnExpress%20Kinh%20doanh&en=Article%20Link%20Display&_c=1&ep.article_publish_date=20230131005550&ep.article_author=&ep.article_tags=K%C3%AAnh%20%C4%91%E1%BA%A7u%20t%C6%B0%2C%20v%C3%A0ng%2C%20USD%2C%20ch%E1%BB%A9ng%20kho%C3%A1n%2C%20g%E1%BB%ADi%20ti%E1%BA%BFt%20ki%E1%BB%87m%2C%20%C4%91%E1%BA%A7u%20t%C6%B0%20v%C3%A0o%20%C4%91%C3%A2u%2C%20b%C3%A1o%20ch%C3%AD%20d%E1%BB%AF%20li%E1%BB%87u%2C%20Tin%20no%CC%81ng%2C%20T%C6%B0%20v%E1%BA%A5n%20%C4%91%E1%BA%A7u%20t%C6%B0%20t%C3%A0i%20ch%C3%ADnh%2C%20Ph%C3%B4%CC%89%20bi%C3%AA%CC%81n%20ki%C3%AA%CC%81n%20th%C6%B0%CC%81c&ep.data_event_category=Article%20Link%20Display&ep.data_event_action=Box-XemNhieuNhat&ep.data_event_label=Item-0&ep.data_variant=A&_et=4461
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C066 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a7f104fbc5dd3238bff841a356e5aa72ab37b44c6e181be48b62affc6b183d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 51ms
50ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-50285069-28&cid=611417411.1675329686&jid=1962506636&gjid=470365040&_gid=36675206.1675329686&_u=aGDAAEABQAAAAGAEK~&z=1616479249

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/fptonline-vn/log/3/ 0
299 B 56ms
52ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/fptonline-vn/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230131-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:30 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220022-HHN
server: nginx
x-timer: S1675329691.591693,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://vnexpress.net
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame D0F2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f661d058ce83c10c34c0f43880858e37c052cfc33ac817b0f52d3c12740b1052

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 p.php Show response
stg.truvidplayer.com/ Frame C066 3 KB
2 KB 453ms
321ms XHR
application/json 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1484&wid=6375&cb=7011.601982179399&pid=4726&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6375.js?pid=4726
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 3d8c114cbd9f0ed48579b7dfae450fbd98d38117b32b2425b60e8c4c3c3fb340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:31 GMT
content-encoding: gzip
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
x-amz-cf-id: hjnN_ZlQ85ZsURqjdnQndVM-3xszl6G2TsI0MfvfPG_M3lcl5R2m_w==

GET
H3 200 pubads_impl_2023012601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D0F2 386 KB
130 KB 55ms
55ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133524
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 21:44:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame D0F2 4 KB
1 KB 87ms
86ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3529321f83e4e37cf72d41ba6cd8237463a89a6fd5415554c948b58defaea015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 912
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:30 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 66ms
64ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-50285069-28&cid=611417411.1675329686&jid=1962506636&_u=aGDAAEABQAAAAGAEK~&z=1271297903

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 90ms
88ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-50285069-28&cid=611417411.1675329686&jid=1962506636&_u=aGDAAEABQAAAAGAEK~&z=1271297903

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C066 0
0 88ms
87ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN9t70kgE0qHOCmw610Bg8rRO6Kr35xcuRXNxfZNunT52AlaGMjB90mz9WeqBJWcFIdWgPiKDuAf-lg-92pDEbBPMlN28g0gTVkSWyO26uVFkPu_E9a6xGHAUuLkNaF6NEEL6OuO3TB2w_7-TNKR4NrVM-jlgnbRIBjJPvQp6dbGcoYQl2tcg8T4zwB0fB2lC16NVaW9vNHiSpoQqFbNIBxbUPdi5OJD9xsLBzUBY5cSpAVwgeFqRtAP4cJC2_AoendR5F0tjTVs6LnPGITgh5orwFoIZ2SrjDPLrxHqTYDfuTmjYsMx5ebgxMoQTUsPCLriqham8FqwIEqK4NEUsWp_AznxPJY2GJQQvtxSaemfUM_-bhR9nCYCmTsFV-5GUnorzKKFXUTpvKKBb-&sai=AMfl-YTW9Z1nwmsdoyDJBHcQRLNNVCtwocJHmBMeZHTevCJbz5Y6tN-Y39y54DJPDVh1ZPiXevprWqkNUeEwXUV-hPsx_o6WSncTyvneZXgIaCZkAUChjBrEeVXHsf-AxqdU35H1ecPPItWhE5unC9o&sig=Cg0ArKJSzN4r4ZD_CS7qEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:30 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 630ms
316ms XHR
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-162fb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 09:21:31 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame D0F2 2 KB
2 KB 61ms
61ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:41:08 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 6022
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: Ak9rw_XhQ9sWcQPZ67FPcbYyVcA-Gf1QR8f3JCpwnaXqyLuowf0iug==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D0F2 6 KB
3 KB 160ms
67ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 03:57:09 GMT
x-amz-cf-pop: VIE50-P1
age: 19471
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: V47RauGT8aTR34eV06H6jcacM0cgUF9_YTsvSGVzbvqoTqNk1HPsag==

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 78C7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

95ms
93ms

Image
text/html

2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

tag Show response
btloader.com/ Frame D0F2
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

47ms
47ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2897
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BwtXfBgfPwyMwL8LCsHG9YX3pbhpDaZbcKB5CJVvwmzENyJ1%2B93OsgWMxWoWOCOZK0nLTSf6hmRJvWFvcKJakDqcpwUOZTQV8chOkgbXrcY%2B%2Fxtb6OdkYB4AbumHeHRTdHd8WBsoxl6lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931db68ebeb925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:30 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2896
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2bfoVBUIPd3Gtkgf%2BizY59DwJ%2FCaf%2FP3lHhWYA2vV1OCirrXzk1ZrMSbi7iZKIT2xPbhjrV0mU0OyKzrKX3w7isH2chTphmq0K5%2ByXahHVD6RvYe536b9Pk9iyyq18g1ighDUz1Zsa%2FGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931db687b8d925c-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame D0F2 54 KB
17 KB 227ms
45ms Script
application/javascript 104.103.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.89.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-89-173.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:31 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 02 Feb 2023 09:36:31 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame D0F2 32 KB
10 KB 146ms
41ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 978
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: UF06eiC50gcuZqpIUfYQbuBatOLAZoAeBkrkxgjui_fuAfwxFYeFNg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame D0F2 57 KB
17 KB 157ms
50ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 657
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931db68781c3a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1314
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

92ms
92ms

Image
text/html

2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Thu, 02 Feb 2023 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 hbw_master_690161_16089.js Show response
player.hb.selectmedia.asia/prebidlink/19390/ Frame D0F2 96 KB
32 KB 58ms
57ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_690161_16089.js
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/uam2_wrapper_hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: fe728663ede3fae6441ace72b929ac6661d5b28e167ca81cd8209f5a4a4ede73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:30 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 14:54:36 GMT
server: nginx
etag: W/"63d92bac-180e1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 04 Feb 2023 09:21:30 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/305666/ Frame D0F2 26 KB
11 KB 195ms
51ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/305666/config.json?cb=https%3A%2F%2Fvnexpress.net
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4172333cd43faee1ccf45c6c95c3f3cb8bf0ae0b96da4ab0e1183dd3acd66295

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 04 Feb 2023 09:21:31 GMT
date: Thu, 02 Feb 2023 09:21:31 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 12:01:19 GMT
server: nginx
etag: W/"63da548f-67e1"
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H2 200 62978707 Show response
mc.yandex.com/webvisor/ 43 B
145 B 88ms
87ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/62978707?wv-hit=684049679&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1675329691%3Aw%3A1600x1200%3Av%3A960%3Az%3A0%3Ai%3A20230202092131%3Au%3A1675329686164661259%3Avf%3Asmv4ejgykhrjvgldb09nr%3Ast%3A1675329691&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 02-Feb-2023 09:21:31 GMT
content-type: image/gif
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 09:21:31 GMT

GET
H/1.1 200
OK / Show response
ghb.hb.selectmedia.asia/geo/ Frame D0F2 139 B
408 B 460ms
46ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/geo/
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ff8e854dad325d8864dac7080788482bd051eec2c66c2b1d01e20c6d79196db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:31 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 139

GET
H/1.1 200
OK tracking Show response
ghb.hb.selectmedia.asia/adunit/ Frame D0F2 43 B
434 B 460ms
47ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/adunit/tracking?event=11&type=0&client_id=690161&site_id=16089&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fvnexpress.net&adid=mw1itr.gp&features=81952&vpbv=N117&tte=694&lifecycle_tte=701
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:31 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame D0F2 60 B
332 B 195ms
62ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f21fd7e2e301760daf41de604003df69d5955858eababfb499d7d137f764a0a6

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.6.184
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame D0F2 33 B
400 B 138ms
40ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

1015fc63defe7455bf4ad13f8ad62b652c4438adc04d0fd4d83a51014e9f9455

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ Frame D0F2 34 B
280 B 441ms
40ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lbs.eu-1-id5-sync.com/lbs/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

c8c714a9c23a9bfbe6547715924222b653a606199dd7f0b516f2d3aca840df50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 2 Feb 2023 09:21:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
vary: Origin
content-type: application/json

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.799/ 466 KB
128 KB 156ms
44ms Script
application/javascript 52.222.139.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.799/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6375.js?pid=4726
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-13.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b24ba59c742394e93e2e36f96f656da2c2141a082ace1e3a71873fc755cb050a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:41:08 GMT
content-encoding: br
via: 1.1 7759c849c7040f0b6b78f9d2199c04ca.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 09:59:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1809624
etag: W/"922e444c4350bd6d0ffc27f17a9942cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: cKv2WZce96tex-muqoOk76gJpdar5GXpvw_u7Sz_Zc_JaR5Vbr5GYw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D0F2 0
0 87ms
87ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8zJmgFKwe75AlZOiSqy5glBmZ5ebwORrMrzssHOOFV_s_XnKIwwL0y_HSkY4HOrt_Ryk5W9GH5LeehJDiT7mgH1vjgBMQrFpVmsYbpiFHa5DcVObdwekB54rfWOblIG4EzUPSNmDQXgnuQyyrENg6LA1bQo0DAZkAePDaGBJ3XSykANxS-cqc_VdVKdf9H2qOI0KLMKL2edP6Iy2XrcY2kbhbeEqFHz2Q6K0CP7Z_MSBywtzqT1lFbWKQyfGms4DTQsf8upYG337iTqychYJJsOy2_4DCGAYAQ0KsD3wi3e6MlH8NEPGm3TzanBdwO1RUSO8fKv6x96SsCSxTMCkx3UxIGTk2BB4EUMcx6Nm93BwOgBMypl6sKvmv8nyQeGYlmXFNhtdeYFq-&sai=AMfl-YSMSN5TTEuoMH-ojnqd6dsChKGKTzXBXEu7UxO3kLEA9C3lbLJjeTIsK03GMimfRQtFTYuWqcpwok_Gu8j8Z_eqzqWsSBHF4OjYqgGca-K9VXaAG0LeU51pCRHwVxF4DIm61gmt4Bu3d82kZTY&sig=Cg0ArKJSzA1qsAGsGB3PEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:31 GMT

GET
H/1.1 200
OK getusersprofile Show response
my.vnexpress.net/apifrontend/ 2 KB
976 B 1534ms
468ms Script
application/json 180.148.134.72
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.vnexpress.net/apifrontend/getusersprofile?myvne_users_id%5B%5D=1002720980&myvne_users_id%5B%5D=1005924172&myvne_users_id%5B%5D=1054565936&myvne_users_id%5B%5D=1057100486&myvne_users_id%5B%5D=1079749545&cache=1&callback=InteractionCallback
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/libs/zepto.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 180.148.134.72 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: myvne_web_134_67 /
Resource Hash: c087998dab408d9dfb6df202fb80e3e7d7a885e7d961d7c536dd39fec5628ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 09:20:09 GMT
Server: myvne_web_134_67
ETag: 5f825dd6518c4323ee53170683bd0122
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=300
Connection: keep-alive
Keep-Alive: timeout=60

GET
H2 200 Thumb-Up-Normal.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/images/graphics/ 916 B
990 B 235ms
235ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/images/graphics/Thumb-Up-Normal.svg
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/comment_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 64fffe4a3746399ac999b2ee63f1d06314359db96fbbab98ab7a46a5aeffb1b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/comment_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:31 GMT
last-modified: Thu, 17 Feb 2022 08:51:35 GMT
age: 0
etag: "620e0c97-394"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
content-length: 916
expires: Thu, 02 Feb 2023 09:26:31 GMT

GET
H2 200 Reply.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/images/graphics/ 1 KB
648 B 228ms
228ms Image
image/svg+xml 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/images/graphics/Reply.svg
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/comment_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: 718cc1c0dd6ce6d8f0b4598180f7b7712d88ee7c66fdb8bbc6998c398050b886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1771/v2/wcomment/pc/vne/comment_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:31 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 08:51:35 GMT
age: 0
etag: W/"620e0c97-406"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:31 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
739 B 39ms
39ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 02 Feb 2023 09:21:31 GMT
via: 1.1 varnish
x-amz-request-id: RXPPRCR6WSZ12407
age: 26138
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: 6HRI7LUqTe5ZMnAAeDpkOqm2g/lgGiuzwqHLIoWfYP0ln7ampDPEtLDVJn9C0zLIy0PK+xJJTPA=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1675329691.288376,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 23
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 17030

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
722 B 669ms
153ms XHR
text/plain 35.208.216.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=vnexpress.net&l1=6375&l2=vnexpress.net&l3=DE&l4=desktop&l5=5.799&cb=0.8684469630830685
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.799/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:31 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://vnexpress.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 39ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230131-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 02 Feb 2023 09:21:31 GMT
x-amz-request-id: XZ48AY8MC3YY614W
age: 749
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: ZXMXCLJsczBoyw0v63m27AWkI94Y95ukWIGwlplqNEpaniQj72rR0y3rlTEcSHyevflymKnOHpA=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1675329691.467814,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 23
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 7378

GET
H2 200 / Show response
pips.taboola.com/ 64 B
243 B 149ms
40ms XHR
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: c9d1030be753873dbf9c353c21a26d0dbaf705ed62c9c7d5c0259c730605ccbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220073-HHN
date: Thu, 02 Feb 2023 09:21:31 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://vnexpress.net
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

POST
H/1.1 200 755.json Show response
id5-sync.com/g/v2/ Frame D0F2 216 B
623 B 138ms
41ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/755.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

c65de6dd961fcf526151ba40e7a2326547321f4aafbf181354b3c5607f8dc733

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame D0F2 23 B
461 B 293ms
149ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=c31fFnjAv8MeR&cb=0&ws=300x250&v=23.127.1625&t=1900&slots=%5B%7B%22sd%22%3A%22gpt-passback%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F84772874%2Fvnexpress_hb_300x250%22%7D%5D&schain=1.0%2C1!selectmedia.asia%2C6114e7fefe75f2098548cc72%2C1%2C%2C%2C&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:31 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: BPCS5ZBH9TAFRK5CRH54
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UWw3Y3s52dcSJ5HekivCNZBUiIKkoJR2wzm3IOBSniQxDtU556kqLw==

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame D0F2 483 B
1 KB 147ms
48ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:31 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 751818
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJD5NzFOvAE%2FbuyPgrBHr5zfOQX4ln7jMEiA76qxlGlcnEEJkivtowHWGSUn5ID1klotrO%2FcBPmfHpWK6LnWJb5zFwz%2FCkd5jFgpdV%2FtrRIGZNGZR6%2FyuQbbJzAGDc%2Fj%2F4saZ5D4NE4eDHrd"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7931db6cdcb068f2-FRA

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 478ms
50ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 02 Feb 2023 09:21:32 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 153ms
39ms Preflight 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 02 Feb 2023 09:21:31 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame D0F2 19 B
521 B 196ms
44ms XHR
application/json 18.196.123.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.4&referrer=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&tmax=2000&gdpr=false

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.123.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-123-254.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame D0F2 0
58 B 55ms
54ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame D0F2 0
168 B 156ms
50ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Thu, 02 Feb 2023 09:21:30 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D0F2 323 B
647 B 318ms
170ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2715466&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a142018b-6df6-4cb3-a49b-0ee20d386670%5E1&rf=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&tg_i.pbadslot=%2F84772874%2Fvnexpress_hb_300x250%23gpt-passback&tk_flint=pbjs_lite_v6.25.4&x_source.tid=54852145-8f2f-4057-a243-7eb8ceb17117&l_pb_bid_id=98a5371d60e87f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F84772874%2Fvnexpress_hb_300x250%23gpt-passback&slots=1&rand=0.8318199772548023
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 384fd2ce3c15595fc058cb033000437080bb777a1567c8d63b42e445f15d37fd

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 323
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame D0F2 0
176 B 135ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:31 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 arj Show response
select-d.openx.net/w/1.0/ Frame D0F2 174 B
588 B 296ms
174ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://select-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=54852145-8f2f-4057-a243-7eb8ceb17117%2C54852145-8f2f-4057-a243-7eb8ceb17117&nocache=1675329691547&gdpr=0&pubcid=a142018b-6df6-4cb3-a49b-0ee20d386670&schain=1.0%2C1!selectmedia.asia%2C6114e7fefe75f2098548cc72%2C1%2C%2C%2C&aus=300x250%2C300x600%7C300x250%2C300x600&divids=gpt-passback%2Cgpt-passback&aucs=%252F84772874%252Fvnexpress_hb_300x250%2523gpt-passback%2C%252F84772874%252Fvnexpress_hb_300x250%2523gpt-passback&auid=541148923%2C541148923&aumfs=0%2C400
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: afd9efdaf2a058efe61f9f1bd8e4d4546ca08d56446779e4cd2199a68548fb4b

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame D0F2 24 B
524 B 152ms
50ms XHR
application/json 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 419c738b818a3f2916ded575ddaa1bb10a646297cdf3dd9f1cb26ced593a31af

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Feb 2023 09:21:31 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ Frame D0F2 0
210 B 497ms
172ms XHR
text/plain 18.192.227.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=17355&adtype=banner&auc=gpt-passback&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&l=en&dt=1&pid=62183&requestId=1810ac8d64e38a3&schain=&bidfloor=0&d=vnexpress.net&sp=https%253A%252F%252Fvnexpress.net%252Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.227.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-227-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:32 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D0F2 139 B
943 B 40ms
40ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f3147e19d405d567f9ee51f7261d798b2a649598a2ecc3ae80378729b47ac491

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:31 GMT
AN-X-Request-Uuid: 0f270dec-6870-45f8-bb84-df78112a85ab
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame D0F2 66 B
140 B 126ms
124ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a6681d0e699105ecd3934ea5bb45b63e48ae030cc626c3f036092033cbd5aa58

Request headers

Referer: https://vnexpress.net/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
content-length: 82

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame D0F2 94 B
622 B 514ms
416ms XHR
application/json 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 2c2c3d9887c9064b4635bd6e1dd3db0a3024a9ae2c1981d65cf3756ebb196b8b

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Feb 2023 09:21:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ Frame D0F2 62 B
503 B 275ms
89ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941e0182823a9a983f7276e60088&pos=8a9695f10183835661c65fe502f70084&cmd=bid&secure=1
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: efde7dd73300d8b31e7a2c1ed2e2c47f97a8403a0adfc12cb74a38785afac197

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Feb 2023 09:21:31 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
content-length: 79

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ Frame D0F2 174 B
587 B 283ms
160ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=54852145-8f2f-4057-a243-7eb8ceb17117&nocache=1675329691554&gdpr=0&pubcid=a142018b-6df6-4cb3-a49b-0ee20d386670&schain=1.0%2C1!adtelligent.com%2C556372%2C1%2C%2C%2C&aus=300x250%2C300x600&divids=gpt-passback&aucs=%252F84772874%252Fvnexpress_hb_300x250%2523gpt-passback&auid=541177132
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e7d5986fc7bd4b31a1d4efe6f0ef42cf42b1a2a2be6c88839c6e0c968fae30d8

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame D0F2 0
58 B 55ms
55ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame D0F2 0
407 B 226ms
91ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame D0F2 37 B
562 B 190ms
56ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=740309&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2234a3818daffa77c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%22%2C%22page%22%3A%22https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.4%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236cd053435c5932%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22740309%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F84772874%2Fvnexpress_hb_300x250%23gpt-passback%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%226114e7fefe75f2098548cc72%22%2C%22hp%22%3A1%2C%22rid%22%3A%22cf8f7db5-3fb5-4076-94cd-be6e57dc52e9%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a142018b-6df6-4cb3-a49b-0ee20d386670%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f80da76887276bd6d3a21ed79714d2007997d140d6982b982b9342397604db

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5jgGCl1hCkPOjWLGR2qot4E7i05fFNyJaKyK1ivNyQA7%2BWLSZUwR01m%2FFKHNqeoYGxnuJJ5IoygLsqRbVcma4F1L3hGpmaBTEKxszhCM2AAgF9m%2BRgJdocIosPrx9oQA7gWMfGg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931db6d3b5639ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame D0F2 15 B
361 B 140ms
44ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame D0F2 2 KB
2 KB 269ms
153ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 674adc1bd786348ee8221b18ddfb4e3531df5995fac4da44a4ad909b774ca646

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:31 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D0F2 323 B
872 B 294ms
161ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=385896&zone_id=2149448&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!selectmedia.asia,6114e7fefe75f2098548cc72,1,cf8f7db5-3fb5-4076-94cd-be6e57dc52e9,,&eid_pubcid.org=a142018b-6df6-4cb3-a49b-0ee20d386670%5E1&rf=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&tg_i.pbadslot=%2F84772874%2Fvnexpress_hb_300x250%23gpt-passback&tk_flint=pbjs_lite_v6.25.4&x_source.tid=54852145-8f2f-4057-a243-7eb8ceb17117&l_pb_bid_id=42a8e239e37fb58&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F84772874%2Fvnexpress_hb_300x250%23gpt-passback&slots=1&rand=0.5437639573415074
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 42e3da34691e3534a6906b65f079c00bbaa930376f8c46c188420e0479cc84c4

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 323
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D0F2 323 B
647 B 301ms
168ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=371986&zone_id=2032224&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!selectmedia.asia,6114e7fefe75f2098548cc72,1,cf8f7db5-3fb5-4076-94cd-be6e57dc52e9,,&eid_pubcid.org=a142018b-6df6-4cb3-a49b-0ee20d386670%5E1&rf=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&tg_i.pbadslot=%2F84772874%2Fvnexpress_hb_300x250%23gpt-passback&tk_flint=pbjs_lite_v6.25.4&x_source.tid=54852145-8f2f-4057-a243-7eb8ceb17117&l_pb_bid_id=43651bc5571f809&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F84772874%2Fvnexpress_hb_300x250%23gpt-passback&slots=1&rand=0.9145702068417338
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ff605a73cba2b89a2def6a3d60c292b19fc9a347f0ea031ec028fbadc7e7121e

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:31 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 323
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D0F2 360 B
1 KB 77ms
40ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e8cb0d7e83c435a7d8eb0d1f980eba0e46f88acaab19a3545486fb3e51dbe5bc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:31 GMT
AN-X-Request-Uuid: b8c4063f-ead5-43d8-bd58-e2fe2e2fc174
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 360
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 559ms
112ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=79cfba38-7e45-4eae-bb73-24abf4ffda79-tuctad50619&uad=d5792801335f11b32a948d51b64bb655b16f8767f5837f2be4c406715994752f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Feb 2023 09:21:32 GMT
cache-control: no-store
server: nginx

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame D0F2 74 KB
23 KB 217ms
58ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:31 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 107657
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0FzrKjetPLDpJmW5oBv08JXxCZlcbE%2FDlplykebtBZFnzs1QGa9DCyaSp0mRHW6ufg%2Bo1sPmvb3QAGXF4%2FDGT0egsunvM4dAVjtlAJSK4mHP0lttcM2onIVW%2FPJoiNU5gJ26er6vX1w8m4M"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7931db6e2e513a92-FRA

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 78C7 42 B
404 B 169ms
80ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4tsvTNTSzZhLPlXvDkwInZNjsrWaAX-J564G4ARKnv-Xa-DWPecJKWxGRh-dJeoD7aWayON9pLlS2lNUAr6Nn0qTFjO0eRYsz_IDzlXy-WpeBDZbus09KURzNwvTofO0PnfYPd9nGRCn80JROU9VV3JjPJau5LzGX&sai=AMfl-YRdOklx73D8MXFMDtDVavu4ATLULIEmNeATm0tGhK8e-HneCGoDO94Zvmh-RlyzaFtDlPjJg6s_dGU9opi1zP471bU70KMYWLb0RteG-J-ff5vzeB1AKR0--m8crtheoRb4olIo8sy1SByh&sig=Cg0ArKJSzHqQAzUta1vQEAE&cid=CAQSSwDUE5ymb7wpI9DG11RMQmZddHHOMuoDkcHUjnOgTGzupGetHIe6R1B6awlo74NdKT1PvAr62XOaJw1lIt6q2drDZRxiYf4cxtvbQxgB&id=ampim&o=276,10&d=1048,270&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=675&tls=1676&g=100&h=100&tt=1676&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158804
https://image8.pubmatic.com/AdServer/ImgSync?p=158804&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REQyRjdCNTQtQjFBNi00MTdBLTg4RjMtN0JCQzZBMkVEMDE4&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
319 B

47ms
46ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Thu, 02 Feb 2023 09:21:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D0F2 42 B
404 B 169ms
77ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSgWU-wVlELSMz8lLNDMT6Sqy_NHhbSVkNAxIlkZ7IHdg67cfVdZuW-N2_3U-flFiGvffReHV_JLPUxMFgVcxSZOcwgYT0kPJX-chSW9GjE5OwfxmM&sig=Cg0ArKJSzJ1DHzLlcT6JEAE&id=lidar2&mcvt=1001&p=411,1050,661,1350&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1045740163&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675329690360&rpt=744&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D0F2 107 B
165 B 65ms
54ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D0F2 107 B
165 B 58ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D0F2 51 KB
20 KB 118ms
118ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4295641217747621&correlator=1961819461622131&eid=31071825%2C31072021%2C31072043%2C31072044%2C21065724%2C44769661&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=84772874%2Cvnexpress_hb_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=1&adks=3525414890&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dc6e5b1dc46c14ea8%3AT%3D1675329690%3AS%3DALNI_Ma3MoCjsKMaLWlGwWbHt0FY-rQzlw&gpic=UID%3D00000bae12e6a6e5%3AT%3D1675329690%3ART%3D1675329690%3AS%3DALNI_MYORA8NesIqT39p8SOl4l9sop8_LA&abxe=1&dt=1675329692183&lmt=1675329692&dlt=1675329690360&idt=512&adxs=1050&adys=411&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=yx53mq3qrurf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ref=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&top=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&frm=23&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=36675206.1675329686&ga_sid=1675329692&ga_hid=1949898431&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56f7ed2e698c537697f7c77a954b8b9e8f4f2eeb3b902ee773e1da4dc2a56675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20358
x-xss-protection: 0
google-lineitem-id: 6048581704
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395716889
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D0F2 15 KB
11 KB 121ms
88ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12aec86d620097c1f209b45ce24d3fe83530753c734437d28eb73e98ed9b77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11211
x-xss-protection: 0

GET
H2 200 container.html Show response
0d15eeaaf8e1c7cb9cd5564124c201b6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 14A8 6 KB
3 KB 156ms
86ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d15eeaaf8e1c7cb9cd5564124c201b6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:21:32 GMT
expires: Fri, 02 Feb 2024 09:21:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CC5 0
0 89ms
88ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBkmVt92O_SxYWvR0HWEsMm5Jrtup-gN7kOHF4aI9v3_kCoZKe94bcrMdomyRdJIBudzK9MF6TrXdL8pJWcvSHeJYRQrWVduOjY__hhEx3iS8cPjSfs9PykB1CA2LDijrEYit4dw70YSz9zPeM0TZSyhr4TrDBmgjWmNwMtDtFiJQDDoJS0Lt0UaBHpvma5c7Hff-N-0jhOcvVMDJtnkJNqcXD1blUxT8G-waE3_C3kk1N7EzM4knDDmDUqah1UV8f3__NFyqTCg5IexgBtloQF5pmV0uGkFFsfcpRyd92SOD6hnc3uA8-TECNBYKRLV3PuPGppg0&sai=AMfl-YQkZsbB9M8YNPS0IVtZc4Bs3JH4z59bY9TnZW5TYUU9bpRTAbgt3U1Rbq142lIOW09rRfaEXCNX1a4bs7ysbEsGJLnYTMOKn6MJ1rlD5rt2M82eim-RgOIEgZ67bhE&sig=Cg0ArKJSzAvV0hiuH2fyEAE&uach_m=[UACH]&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/ Frame 8CC5 22 KB
9 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 22:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 22:19:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/ Frame 8CC5 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 09:18:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8CC5 0
0 48ms
47ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-_6BI-Le-eagn5Kg1DBnucLb-UjKzmJaxmM_LuDlDDkVdqpVCLTikeKIOhsTtxs_XwvCvbKep1F5UmkA_eyyP6-vuYg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CC5 157 KB
48 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:21:32 GMT

GET
H2 200 3245844030301638014
tpc.googlesyndication.com/simgad/ Frame 8CC5 33 KB
34 KB 42ms
41ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3245844030301638014

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23e31349f7f219d77e986c095a9f77b7de022c3d94e7ee030881ea73db23c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 21:14:51 GMT
x-content-type-options: nosniff
age: 475601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34216
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 11:54:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jan 2024 21:14:51 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D0F2 17 KB
7 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:21:32 GMT

GET
DATA 200
OK truncated
/ Frame 8CC5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039410a46f7f4d405d38ce3907032e779f8a754d91da5c86552818f2dddd259a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 943B 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:19:06 GMT
expires: Fri, 02 Feb 2024 09:19:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 571C 783 B
534 B 49ms
49ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4227eced391a5b824e808efb4e64bc417707e04e7f4e5354fde9b1b8af970ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v5sfB1aB2nNVtzgbAcs7HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-v5sfB1aB2nNVtzgbAcs7HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:21:32 GMT
expires: Thu, 02 Feb 2023 09:21:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CC5 0
0 87ms
86ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJJZGMHxSM5eMBFA8zu8wYqkK47UbL476tf_NlqwGV4faa-bALxIrBWC1fhHogqz9FWTddxd7geAMTrUjAz30YQbV934QoMhvStW8oYY_WDedfWE3kf2d1nuDY4GwpOJFkDhq5fgvMnaKmWqaZ_3sWPDyy-cSVSnfUIujnVJx1n4W1ob3ZKXwurmmoxfCOLFSD6Two-RyPHUjKDwRfKiPefzvmmMhmOgU51E2YVKBZSlOfDikIp5ubH5Y3yrGji2SUdNZdGBrAjMnES-I4puHoLlkgSzx8yz5nmLdxHb5UQv5CY0_CbURTFYhoZi1mkQFQUFFuO6LVdQ&sai=AMfl-YRlaV865-jrUoiZnL6P7bxHb2F9GaKMg5N5v8jBSOnDpClulV726Z7T2blL3hCEUBZ8T8SaT83StGGqWrZVduDaN7THQWm3gIvAwfInvY8ljdbI5MtRroiJUV_zmms&sig=Cg0ArKJSzDpSPqL4o0nHEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:32 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 571C 0
0 76ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=4295641217747621&rc=
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 943B 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 09:03:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 943B 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Fq-fQg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 s8_31_e_81845176188718178189.jpg
a1.vnecdn.net/ 5 KB
5 KB 1035ms
232ms Image
image/jpeg 111.65.248.206
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.vnecdn.net/s8_31_e_81845176188718178189.jpg?w=60&h=60&s=QuVHBn-4-YkCyU8VfLQ1KQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.206 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 0a7794f4b541208ea1776b27417e4a048fce0ecf666da72b825f1f8fa883bf8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:33 GMT
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sat, 03 Feb 2024 09:21:33 GMT

GET
H2 200 img_60x60.gif
s1.vnecdn.net/myvne/i/v1/graphics/ 834 B
1 KB 242ms
241ms Image
image/gif 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/myvne/i/v1/graphics/img_60x60.gif
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 636e34e0da2f1f67697ddc5b0ab2ed5bf0661571906e8abf3efbd762139a8dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:32 GMT
last-modified: Wed, 09 Jun 2021 02:20:03 GMT
etag: "60c02553-342"
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 834
expires: Sat, 03 Feb 2024 09:21:32 GMT

GET
H2 200 s51462546135943831516.jpg
a1.vnecdn.net/ 4 KB
4 KB 1034ms
233ms Image
image/jpeg 111.65.248.206
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.vnecdn.net/s51462546135943831516.jpg?w=60&h=60&s=jCOnYuu8LJucmhO4f6MUFg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.206 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 56d46d5803e627e66010e676237a02fb0ffbc761763d14476b7e5adb3f9d541b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:33 GMT
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sat, 03 Feb 2024 09:21:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0F2 0
0 77ms
77ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=4295641217747621&bg=!KimlKW3NAAaq5O5FiuQ7ACkAdvg8Wmyp3yif7itSwZFPFXz_uclx-1wZzr7hsz4tpNJwjM15G73TZwIAAABfUgAAAAJoAQcKAJuQ1ubByZWuzXEfZIjw8xo5NQfSm2g5ZMTxbhIyyhn2DNCQAuOmoaUmutrfBPU8izVR7rxWlHuErWna8eF64_ycNA3b49aOMum5UDBR-MyOd1mKrpcmJwVH6MwesRBBXQ4y-RpxJhWypn39Qqwf75lKKKg9TXMrgmt_hQiizvD8A6OY1ykameyvi5Leei8QVFe0vvcDSxJrw8LBPZkCufkjK1dJVYA1ua07czhBZDIZsghbAekWPk5_kzyBdxOS8LnXcL3kOY8tEEVfBRCyUqjepWRwI7XjoiiEVlovkqzO1TSAp1cVc6sKnUo8C1fz-xwNfe7gvjidtND9lcixRl1SwnjxWKJAMatL_4PhtLndHe1p5Q2WYJqL9xDLiCNBZt-ZRc2Paw4H-Mh7zFmXJShAuNn6mtMpOt_iWJsNmlIryJxBhmb61j5XnOjPeeEwQKJAdg_KTqWdpK-5108zmMmmEq9VU6TptjTWBArOgb8Ctwycki0LqXGaj-Dawxki9z9zem4I78IesigJd6ORSUr6Fa6wQ-vc4Mh-ZA2l9TAaCjYhe4VKPzOktuyRNbEq3P1LJKU4rQY9L4WXCIMq7cWWh3MX75AFtEA3JaPzg_1Sg52uMH5u_SEuW0PwTznYlrrY_i79UK0hLjWw0VgwGMOsDnGbqOSnzpFq2HTRyxdugcHbW8oOPgS32ztdani-7_78nyMtnxPZcumvqzoWcThb8tcfHKEl8Ye9bNVDoAB4Iz6uYPQY8NPGf-qts2HXug3Zqgr4guNjK5yrKL95MDIe-cs8PnOsr0BjrrH5aptZv8yG7Q0nLBG71_D3lGpEgT8UTtWH3ZfUbkJN3ehfDMa22SCUF8JikvGIvpOzYm_VKgJLVPftUSIpyEEP_zjuQLkAqjvpAz_eMrRvekZGdbzahLIAtynwCcTv0vg5ekn3I0_eYwQVcHcitjqzWjXZuyX9iasIuOvxN1TyPzm4KfAz7mpDlXh6p3JEtiFTYWaIcdZWmcXysZR4-_KDTzlQE-SNRXNAlIm9b5euuxferfLvLrzhfDnGFgki8JuLf2AtEbzKMg227sEG4Ugfp77ahZSfFaxMBBf54O6NP0Cp16lTNRLxm_VVy3CVdRj0yuRIDj56dv9NQZI
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H/1.1 204
No Content multitracking Show response
ghb.hb.selectmedia.asia/adunit/ Frame D0F2 0
224 B 49ms
49ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/adunit/multitracking
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Thu, 02 Feb 2023 09:21:33 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H2 200 62978707 Show response
mc.yandex.com/webvisor/ 43 B
145 B 96ms
95ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/62978707?wv-hit=684049679&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1675329694%3Aw%3A1600x1200%3Av%3A960%3Az%3A0%3Ai%3A20230202092133%3Au%3A1675329686164661259%3Avf%3Asmv4ejgykhrjvgldb09nr%3Ast%3A1675329694&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:33 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 02-Feb-2023 09:21:33 GMT
content-type: image/gif
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 09:21:33 GMT

GET
H2 200 1001005.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/adblock/article/ 29 KB
10 KB 229ms
228ms Script
application/javascript 27.126.192.213
NEXUSGUARD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v4231/v3/production/adblock/article/1001005.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.126.192.213 , Hong Kong, ASN45474 (NEXUSGUARD-AS-AP NEXUSGUARD LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e4bdef16257955b0201cbb6e8063efc6642b751644e790b02297f5ee6975f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:49:00 GMT
age: 0
etag: W/"62de832c-74ee"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
alt-svc: h2="103.90.221.2:443"; ma=900, h2="103.90.221.3:443"; ma=900, h2="103.90.221.4:443"; ma=900, h2="103.90.221.5:443"; ma=900, h2="103.90.221.6:443"; ma=900
expires: Thu, 02 Feb 2023 09:26:34 GMT

GET
H2 200 embed Show response
flo.uri.sh/visualisation/12485484/ Frame 2B1F 961 KB
267 KB 47ms
47ms Document
text/html 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/visualisation/12485484/embed
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/dfp/ov_pc_vne_1003179_detail.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098372943a3890980120d544cf3da77ae5220998eee484d143de9c08a76111c7

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7
cache-control: max-age=0
cf-cache-status: HIT
cf-ray: 7931db7b5ce63688-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:33 GMT
last-modified: Mon, 30 Jan 2023 11:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv3STZStAywk1ot9fR0IgCjZ66ozxiqYO3EIl3jRKm8LHHGFxljkW3Y2uMS1nkuP%2BgpNDyIL%2FML5TD78Tv9QIq1yd85RTgM4cV09Yn9zV%2B%2F%2FN1qH5pGm7FiWEnfLkxYTGmmqetBnqzU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: UB7cmH3g/z+2nBiWrfu12AlXAwFpeMnraVr6p9A+SNPV4T+8q9wk2ZVZycCQFXA9E0JzAa+C2lg=
x-amz-request-id: RJ332NDW62692XZP
x-amz-version-id: wFDOek.W4ntiBdCvkngYQwLl6tfRTWb3

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 76ms
76ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
12 KB 532ms
531ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3315255875517188&correlator=3651263773468548&eid=31072017%2C31072024%2C31072030%2C31072041&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CSticky%2CKinhdoanh%2CKinhdoanh.tiencuatoi.detail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50%7C1x1%7C970x90%7C728x90&fluid=height&ifi=5&adks=2600356697&didk=3363173345&sfv=1-0-40&eri=1&cust_params=tags%3Dk%25C3%25AAnh%2520%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%252Cv%25C3%25A0ng%252Cusd%252Cch%25E1%25BB%25A9ng%2520kho%25C3%25A1n%252Cg%25E1%25BB%25ADi%2520ti%25E1%25BA%25BFt%2520ki%25E1%25BB%2587m%252C%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%2520v%25C3%25A0o%2520%25C4%2591%25C3%25A2u%26liston%3D1003159%252C1003179%252C1004903%26article_type%3D1%26article%3D4564117%26category%3D1004903%26cpd%3D5%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dmasterise&sc=1&cookie=ID%3Dc6e5b1dc46c14ea8%3AT%3D1675329690%3AS%3DALNI_Ma3MoCjsKMaLWlGwWbHt0FY-rQzlw&gpic=UID%3D00000bae12e6a6e5%3AT%3D1675329690%3ART%3D1675329690%3AS%3DALNI_MYORA8NesIqT39p8SOl4l9sop8_LA&abxe=1&dt=1675329693964&lmt=1675329693&dlt=1675329685426&idt=1067&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AD37Y7v1u_SzZxy29Vp7J6UN3BP_GjemY7zqhA0GxHpxF9d1ATPYbMSA5JLLMUy45NOU91lg2D2kfG90cKvOmCoIfaPCgqnwQ3OtB48x0h6SoH6QjA%2CAD37Y7v2clrOtA9g4g6rJUD5eW_jMivtVHGc8XRkENmCRpHf-TJenqPUlz0q-FQc98oEAn3tSzLcNYv1BOssLRiFLjy30bWPtg2OmNzWc6UnpIRlVQ&ga_vid=611417411.1675329686&ga_sid=1675329690&ga_hid=946454588&ga_fc=true&ga_cid=36675206.1675329686

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

054e866eb7575e69c6978967e03e09a9dfba6a7c31f3dc43c8431002fff9fef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12160
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 92ms
91ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccf84706d9dcef069677ae87d019db02a68710e9a09f1156ffd1b6f0eec2fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11367
x-xss-protection: 0

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 90ms
90ms XHR
application/json 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=63695605483-uh3lvelqpb59s1tn5qh59ovbcuhfa54v.apps.googleusercontent.com&as=WlpYRFsnY%2BaOQvS1TR1fmg

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e88177ad34825f0b1737c4a796c70f7215d618e3e9eb2708bbcf4344adc03d51

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BGpzdQleG1dmvhT8w9tkdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BGpzdQleG1dmvhT8w9tkdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D172 15 KB
6 KB 48ms
47ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:21:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 776765
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 jquery.3.2.1.min.js Show response
s.vnecdn.net/vnexpress/restruct/j/v575/ 85 KB
30 KB 775ms
241ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: gzip
last-modified: Tue, 26 Nov 2019 07:22:26 GMT
etag: W/"5ddcd2b2-15283"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sat, 03 Feb 2024 09:21:34 GMT

GET
H2 200 choices.min.css
flo.uri.sh/template/2677/v21/static/choices/styles/css/ Frame 2B1F 5 KB
2 KB 47ms
46ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/2677/v21/static/choices/styles/css/choices.min.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebf010cf3503db862eb22610bc84f1d2f0b174bac152f1e654e73fe9ead91ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/12485484/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:34 GMT
x-amz-version-id: Mj0s.KOceVrwhpLLyw0Bpub3uEXcLu2g
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9NTAHHS7YCQFP46X
age: 99943
x-amz-id-2: Gxw8hvOAoYznGAOw/Ws5qqa4Box6ExTgeNOrAkVfI7ofhO5JNchwy1mvgSG3oaFLdBUcxDrmpEI=
last-modified: Mon, 23 Jan 2023 12:44:27 GMT
server: cloudflare
etag: W/"ac45b0abe30007c417750608d660cf6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilzFjnBByStnHsdLCWIfVqzfv30sNjz0yHlODJPUJ2Sfu6dBEYBk56fw1TuYUAd%2BFwPYk78hhfZSHIiABR%2Fv1%2F3FW66wKQDKA3dw57PQI%2BqFC5mTnS4zP8TuX2hxLVvsCNLLwqSuIEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 7931db7bbd553688-FRA

GET
H2 200 style.css
flo.uri.sh/template/2677/v21/static/ Frame 2B1F 1 KB
1 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/2677/v21/static/style.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f291acaadfdcfe1b7fe74dd747ebc7d203563b7f5273dc29fb1176fffbfba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/12485484/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:34 GMT
x-amz-version-id: wSADovtv8XwZE1o51ftedJJAJWdmWtlC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SGM2AK8AKMHNCJ65
age: 99938
x-amz-id-2: rJ7SmODKqsZxlwCsefjdPzKIjLN1VuUxJyorwNgiwleQyAloh4BjQMsvFARhYdUsmAb7h5XM7oc=
last-modified: Mon, 23 Jan 2023 12:44:27 GMT
server: cloudflare
etag: W/"4e1da9f7c73aef3bd3110faede5fdfd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGlu8Z%2FR%2Bo%2FvPHfflsZnIJIKn37fglCXG7NYvJ8Krh5tnVOqKhH3FHrVy5ps3PtGMFDduXu1o0TN6tjD%2ByLFzLC%2Bn9lnuULijB5kZtMC8O7u%2BE%2BSf088qZcVxknu7K8%2BbTZN1NDziYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 7931db7bbd563688-FRA

GET
H2 200 embedded.js Show response
public.flourish.studio/resources/v3/ Frame 2B1F 11 KB
4 KB 41ms
40ms Script
application/javascript 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.flourish.studio/resources/v3/embedded.js
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f80d5f9ce4e4273e3dbdc43f418d37328216b79195165c14e65cc1c6ec34127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: m_y1UB4v7ETU4z0hzwLBXDr0tKBpOY8g
content-encoding: gzip
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:18:47 GMT
x-amz-cf-pop: FRA53-C1
age: 167
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 17:48:38 GMT
server: AmazonS3
etag: W/"dc19950f0ddddd9b7a5691ed2ee57cb9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: najk1wnKXgYgO4CyGy4rKPnNpgfWXLtIspJu4OKqkiqGk2LbR_8uUA==

GET
H2

200

sid Show response
mug.criteo.com/ Frame D172
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=vnexpress.net&sn=ChromeSyncframe&so=0&topUrl=vnexpress.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=LT5kh3xSZE42VmkvSW5qZjdib1hSenhlWUZDNDg0Y3dYQzZyeFVuS0NDYkNOOExycGxDUHEyaHdhenhxMjM1dEplR1hiVzJuZjU2azhhUSt1UUtkcCt2Y3lZUEJZbWh3Z1JPbk52MG0wdmJxaHJoOGg3ZG5hSTJGcUM1eX...

438 B
670 B

341ms
44ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LT5kh3xSZE42VmkvSW5qZjdib1hSenhlWUZDNDg0Y3dYQzZyeFVuS0NDYkNOOExycGxDUHEyaHdhenhxMjM1dEplR1hiVzJuZjU2azhhUSt1UUtkcCt2Y3lZUEJZbWh3Z1JPbk52MG0wdmJxaHJoOGg3ZG5hSTJGcUM1eXFYbHNhM3h3ME9zZTkvUXBOTkVLUk9UclQ3SzN4aTBtaEVnaHh0RWt4cTN2anRpcjA3Q3RYRkZFQ2xvc3lzcjdERC9HbzM3bDQrYlBqMkdNbXdKdmRYMEswTUVzNG9KZVlhOWxFd0hSTStrV0pSUFU0UXREakYvMkN3M2ZmMkVxNHZFMjFtR01ubUt4OWtPd0VWbnlKSmNLalM3elhtdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

34e96132a8d8fddaa732c169ff48c9851d3b28b8b37673bf7f0fb3ee239ca063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1991059
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LT5kh3xSZE42VmkvSW5qZjdib1hSenhlWUZDNDg0Y3dYQzZyeFVuS0NDYkNOOExycGxDUHEyaHdhenhxMjM1dEplR1hiVzJuZjU2azhhUSt1UUtkcCt2Y3lZUEJZbWh3Z1JPbk52MG0wdmJxaHJoOGg3ZG5hSTJGcUM1eXFYbHNhM3h3ME9zZTkvUXBOTkVLUk9UclQ3SzN4aTBtaEVnaHh0RWt4cTN2anRpcjA3Q3RYRkZFQ2xvc3lzcjdERC9HbzM3bDQrYlBqMkdNbXdKdmRYMEswTUVzNG9KZVlhOWxFd0hSTStrV0pSUFU0UXREakYvMkN3M2ZmMkVxNHZFMjFtR01ubUt4OWtPd0VWbnlKSmNLalM3elhtdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 617063
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 2B1F 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2B1F 49 KB
20 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 08:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3590
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Feb 2023 10:21:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:21:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2B1F 4 KB
651 B 75ms
74ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:10:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 09:21:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2B1F 3 KB
586 B 74ms
73ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac89d7e4b7c14d902ef5f62dd07f8d1ff2db26b27eccecceb573b6961f9958b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 08:42:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 09:21:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB83 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:19:06 GMT
expires: Fri, 02 Feb 2024 09:19:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 79B6 783 B
535 B 50ms
49ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0493e9333839cba82d152ee5c8ef6e9be07c9a69bcb471abd47d9742db10431

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-myR1pFwCk-U5ppGMw-FhkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-myR1pFwCk-U5ppGMw-FhkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:21:34 GMT
expires: Thu, 02 Feb 2023 09:21:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 collect
www.google-analytics.com/ Frame 2B1F 35 B
55 B 74ms
74ms Ping
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flo.uri.sh/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://flo.uri.sh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2B1F 13 KB
13 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 13:30:55 GMT
x-content-type-options: nosniff
age: 417039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 13:30:55 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame CB83 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 09:03:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 79B6 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=3315255875517188&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
public.flourish.studio/uploads/246936/ Frame 2B1F 38 KB
39 KB 46ms
46ms Image
image/png 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/246936/2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f69d003ea553ac3e670195e9e2ad3cbfee34ea9a2878ef3584f9c7c88be07310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: nja9j.58bBUawVY99iak2AbEb.MjVy4S
date: Thu, 02 Feb 2023 05:02:45 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 15530
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 39109
last-modified: Thu, 24 Mar 2022 04:06:11 GMT
server: AmazonS3
etag: "19d1806e6aa8a2d8ed7446f0293d48c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: q3v9KC-gNHJGINS-uO4gl4IYBKIB9sE_2sHcH4J4CZTFQ0uRJmx5tQ==

GET
H3 200 u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 2B1F 18 KB
18 KB 41ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 15:30:42 GMT
x-content-type-options: nosniff
age: 409852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18836
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 15:30:42 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 2B1F 19 KB
19 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 17:07:22 GMT
x-content-type-options: nosniff
age: 144852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:07:22 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 2B1F 18 KB
18 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:52:52 GMT
x-content-type-options: nosniff
age: 232122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18416
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 16:52:52 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2B1F 12 KB
12 KB 50ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 08:26:14 GMT
x-content-type-options: nosniff
age: 435320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11792
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 08:26:14 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 2B1F 20 KB
20 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 17:07:15 GMT
x-content-type-options: nosniff
age: 144859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:07:15 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2B1F 11 KB
11 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:38:51 GMT
x-content-type-options: nosniff
age: 6163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11724
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:50:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 07:38:51 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2B1F 13 KB
13 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:57:36 GMT
x-content-type-options: nosniff
age: 242638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 13:57:36 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 2B1F 8 KB
8 KB 42ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a619ae1c332145518f3ed463be52e3c71f63ecd71b0fdeae601b1878170005a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 23:29:29 GMT
x-content-type-options: nosniff
age: 467525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7852
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:29:29 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2B1F 4 KB
4 KB 43ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e0839c2fc964208d157d5582aa3629465196ad2d90b9aee7ba1a480d8ec40a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 18:04:41 GMT
x-content-type-options: nosniff
age: 573413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4216
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 18:04:41 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 2B1F 8 KB
8 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880fc37f5a324b19d0624937dd1235625399588bebfe5c703930d6f3e1409285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 02:07:05 GMT
x-content-type-options: nosniff
age: 544469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7820
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 02:07:05 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2B1F 4 KB
4 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4de44eab29462e426981eca31a2e82331fbc494e64633889321a3b8db175527c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 16:42:09 GMT
x-content-type-options: nosniff
age: 578365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:42:09 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301181928000/ Frame F4F9 221 KB
60 KB 57ms
54ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61734
x-xss-protection: 0
server: sffe
etag: "5b4f5406239652c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame F4F9 15 KB
5 KB 66ms
64ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "47662644ea8653a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame F4F9 94 KB
28 KB 68ms
66ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28817
x-xss-protection: 0
server: sffe
etag: "6eb387830c268337"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame F4F9 5 KB
2 KB 71ms
70ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "f13d3e1d36b26a3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame F4F9 40 KB
13 KB 71ms
70ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 13782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12960
x-xss-protection: 0
server: sffe
etag: "f74ebce85e2cb18a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F4F9 8 KB
895 B 77ms
76ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 09:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:03:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 09:21:34 GMT

GET
H3 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F4F9 3 KB
3 KB 43ms
42ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:34:58 GMT
x-content-type-options: nosniff
server: cafe
age: 60396
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3099
x-xss-protection: 0
expires: Thu, 02 Feb 2023 16:34:58 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F4F9 344 B
368 B 42ms
41ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:46:04 GMT
x-content-type-options: nosniff
server: cafe
age: 77730
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 02 Feb 2023 11:46:04 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F4F9 0
0 95ms
95ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeGtSnoDbY6KoAoGdlQfnk72gD5njxeRrze6YpZcPZBABIMfHnyNglcKmgrAHoAH64IW3A8gBCakCEYS2hJJ-sj7gAgCoAwHIAwqqBPoBT9At-j4iSNiH3BHUxwdJ7ieQzwjdnn7wxb5hPY96Kbt6brQur-ZLE43AtvoRSteAAkwmXf-uBp3NfQKUwkAfuu54NzFOjJIRfc3_MFt9bdzLuH6Z3xcHth5B7pKEQ55PXcmBv_eDquRtMyWxgvSualJXhsH-F6ACCt86OEh3AZYsF-WN7Yz4aX_V5aKl4jR7rt16dZ5xITg9Gao-vnwcnZNrU4KSHrqVGsXE40GQ39pWVHjUsVMyheA9vQA2rA9hF_CbB93DHVtCNCRrfqem06N5i2WXi3rl_uRjXtlV1DvQph75jpvdQw9bxUi0qRXTVYj5C1aC2xDlFsAE6LiCnO8D4AQBkgUECAQYAZIFBAgFGASgBi6AB_OaxUaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDMyQbSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDYgUAtAVAYAXAbIXHgocCAASFHB1Yi0xNDgxMDE5NzU0MTg0OTU1GM-zEw&sigh=hCHDEt0neNE&uach_m=[UACH]&cid=CAQSPADUE5ymcmMl02hktu2_PKinfAjdQohAnKAStW-PiPZ-2xgoLXSX-3HhB96RjAibySiIez_grCNSoQGCYhgB&template_id=5000
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17772862226637295469/ Frame F4F9 6 KB
6 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17772862226637295469/14763004658117789537?w=195&h=102

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee460bbdea3bf5ac7619a9710f4fb99e02e914de9896213c44a03de58fc112cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 06:13:53 GMT
x-content-type-options: nosniff
age: 11261
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6394
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 14:37:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Feb 2024 06:13:53 GMT

GET
DATA 200
OK truncated
/ Frame F4F9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b56fa80445aa7b4fb7cad698e4c0f5a00ee843f42af2c31f4b55f02bde37b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F4F9 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F4F9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bad618ab197f861f6927b55f2132ea72a12ed025d41fdf6bb806ecb4c8f7dde

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
public.flourish.studio/uploads/246936/ Frame 2B1F 38 KB
39 KB 46ms
45ms Image
image/png 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/246936/2f5893b6-1d49-441d-ab8d-6f40ba34518f.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/12485484/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f69d003ea553ac3e670195e9e2ad3cbfee34ea9a2878ef3584f9c7c88be07310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: nja9j.58bBUawVY99iak2AbEb.MjVy4S
date: Thu, 02 Feb 2023 05:02:45 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 15530
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 39109
last-modified: Thu, 24 Mar 2022 04:06:11 GMT
server: AmazonS3
etag: "19d1806e6aa8a2d8ed7446f0293d48c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: vhlmfJTrohOb1tTRjJkSRgGopyqaN031YYAGUFSEDKgsUXRv4dcm2A==

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F4F9 28 KB
28 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vnexpress.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 317837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:04:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CB83 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?71Iz7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK perf
logperf.vnexpress.net/ 0
0 1442ms
461ms Image
text/html 180.148.129.21
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logperf.vnexpress.net/perf?lt=9908&dclt=4147&sr=1368&url=https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&iscache=0&device_env=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.129.21 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 75ms
74ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 324ms
324ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3315255875517188&correlator=1325241031525454&eid=31072017%2C31072024%2C31072030%2C31072041&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2COutstream%2Ckinhdoanh%2Ckinhdoanh.tiencuatoi.detail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50%7C1x1%7C640x360&fluid=height&ifi=6&adks=3883833538&didk=3633849459&sfv=1-0-40&eri=1&cust_params=tags%3Dk%25C3%25AAnh%2520%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%252Cv%25C3%25A0ng%252Cusd%252Cch%25E1%25BB%25A9ng%2520kho%25C3%25A1n%252Cg%25E1%25BB%25ADi%2520ti%25E1%25BA%25BFt%2520ki%25E1%25BB%2587m%252C%25C4%2591%25E1%25BA%25A7u%2520t%25C6%25B0%2520v%25C3%25A0o%2520%25C4%2591%25C3%25A2u%26liston%3D1003159%252C1003179%252C1004903%26article_type%3D1%26article%3D4564117%26category%3D1004903%26cpd%3D5%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dmasterise&sc=1&cookie=ID%3Dc6e5b1dc46c14ea8%3AT%3D1675329690%3AS%3DALNI_Ma3MoCjsKMaLWlGwWbHt0FY-rQzlw&gpic=UID%3D00000bae12e6a6e5%3AT%3D1675329690%3ART%3D1675329690%3AS%3DALNI_MYORA8NesIqT39p8SOl4l9sop8_LA&abxe=1&dt=1675329695000&lmt=1675329695&dlt=1675329685426&idt=1067&adxs=315&adys=1995&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&frm=20&vis=1&psz=670x15&msz=670x0&fws=4&ohw=1600&psts=AD37Y7v1u_SzZxy29Vp7J6UN3BP_GjemY7zqhA0GxHpxF9d1ATPYbMSA5JLLMUy45NOU91lg2D2kfG90cKvOmCoIfaPCgqnwQ3OtB48x0h6SoH6QjA%2CAD37Y7v2clrOtA9g4g6rJUD5eW_jMivtVHGc8XRkENmCRpHf-TJenqPUlz0q-FQc98oEAn3tSzLcNYv1BOssLRiFLjy30bWPtg2OmNzWc6UnpIRlVQ&ga_vid=611417411.1675329686&ga_sid=1675329690&ga_hid=946454588&ga_fc=true&ga_cid=36675206.1675329686

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3112de4a5f3b2752d588a49e1761365b39074877c70a5ceeae6541409fe119d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9525
x-xss-protection: 0
google-lineitem-id: 6215368279
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138421659246
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bad.js Show response
core.polyad.net/ 272 B
508 B 1695ms
233ms Script
application/x-javascript 111.65.248.229
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://core.polyad.net/bad.js
Requested by: Host: s.vnecdn.net
URL: https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.248.229 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: cache_polyad_hcm_249_10 /
Resource Hash: edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy: 1377casthnfpdd10bf7c7468e873e79ba2ad242
date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
last-modified: Thu, 14 Nov 2019 09:38:26 GMT
server: cache_polyad_hcm_249_10
etag: W/"72c42544cf9ad51:b5e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
x-status: HIT
expires: Fri, 03 Feb 2023 09:21:36 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D0F2
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvnexpress.net%2F&domain=vnexpress.net&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Pd5VgXxxRWlxdmRLZ2hzZkIwcy9NUFFyZFRvM3hnRnZBMnhaaVhtOFZwdFA0ZkZBaDVjdUVxN1lSSUt5Ui80cWhaQTZhdWh6TFlpZ3VyMnRHY1pGS3kyQjF2NUlBUTkrWGh0L3d5K3JIMVdWS3lJVHRBVEdrYVA5bTd4ZW...

434 B
699 B

44ms
44ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Pd5VgXxxRWlxdmRLZ2hzZkIwcy9NUFFyZFRvM3hnRnZBMnhaaVhtOFZwdFA0ZkZBaDVjdUVxN1lSSUt5Ui80cWhaQTZhdWh6TFlpZ3VyMnRHY1pGS3kyQjF2NUlBUTkrWGh0L3d5K3JIMVdWS3lJVHRBVEdrYVA5bTd4ZWFIV2hZVi9kOXY0bHhyTW9iQW4wQ09mSWZmNmRSUE1wQVJyc2xqR1JiYkxGdk9PNnZ6RzRLaDJQWE44dkpuZ05lM3dINDFqYWdrVzdBelVTUlhXS3FpczgxeWtwaHVXZERoK1ZIRXVYWHhBd2FndHJlT2t2U0p5MllrSlh1aGRBVFg1enI4ZXFQQ2RRU0JKNFAxUlJzNisxNXl3WWEwdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

20a771540e3bbd288f98e6344f8626a62329ed3aa0b6862bb489253704f8714f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2029741
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=Pd5VgXxxRWlxdmRLZ2hzZkIwcy9NUFFyZFRvM3hnRnZBMnhaaVhtOFZwdFA0ZkZBaDVjdUVxN1lSSUt5Ui80cWhaQTZhdWh6TFlpZ3VyMnRHY1pGS3kyQjF2NUlBUTkrWGh0L3d5K3JIMVdWS3lJVHRBVEdrYVA5bTd4ZWFIV2hZVi9kOXY0bHhyTW9iQW4wQ09mSWZmNmRSUE1wQVJyc2xqR1JiYkxGdk9PNnZ6RzRLaDJQWE44dkpuZ05lM3dINDFqYWdrVzdBelVTUlhXS3FpczgxeWtwaHVXZERoK1ZIRXVYWHhBd2FndHJlT2t2U0p5MllrSlh1aGRBVFg1enI4ZXFQQ2RRU0JKNFAxUlJzNisxNXl3WWEwdz09fA&cppv=2
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 608010
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ Frame D0F2 135 B
542 B 121ms
40ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame D0F2 63 B
388 B 178ms
56ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: aca8dd75c90a818d252ce079931352de2b26142e83163c98c7a64e1a16edf5b0

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 04 Mar 2023 09:21:35 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4E62 16 KB
6 KB 193ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99699
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 54FC 3 KB
2 KB 162ms
46ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 933
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931db83ca363666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: Thu, 02 Feb 2023 13:21:35 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame 0EBF 7 KB
3 KB 167ms
70ms Document
text/html 2606:4700:3031::6815:5dd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7931db83b8be9962-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:35 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JGK6H6sBaQkoy3quXE%2FQxMvY3sP3gjyNHjzcjFvh3rcZ8dtzfIvqJTpoioqBOsu%2BzpxoUx%2FKXeAUEMX1U71EfJKrPZAJPyECs9mcQ3QyThqbYM4w1HTIKZd3qpiiflnveQWHINqpm6ygg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 5D9F 666 B
716 B 93ms
74ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ce446ee3dc543744d895593789ad4dd01c2f64caf5749a5cc5decc4c3b8bfe1c

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 416
content-type: text/html
date: Thu, 02 Feb 2023 09:21:35 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 /
onetag-sys.com/usync/ Frame 029A 0
0 48ms
40ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1675329691704&gdpr=0

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame AD14 0
0 50ms
42ms Document
text/plain 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13471758
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Thu, 02 Feb 2023 09:21:35 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap1ams1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6DDD 16 KB
6 KB 225ms
75ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99699
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame BCEF 37 B
140 B 128ms
41ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 02 Feb 2023 09:21:35 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 2E51 666 B
728 B 66ms
50ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ce446ee3dc543744d895593789ad4dd01c2f64caf5749a5cc5decc4c3b8bfe1c

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 416
content-type: text/html
date: Thu, 02 Feb 2023 09:21:35 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3D1E 52 KB
17 KB 149ms
39ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20345
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:35 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214423
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220042-HHN
X-Timer: S1675329695.329684,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 32E8 52 KB
17 KB 149ms
39ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20346
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:35 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214678
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220052-HHN
X-Timer: S1675329695.329859,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E484 281 B
554 B 298ms
48ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

setuid
a-prebid.vidoomy.com/ Frame D0F2
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=undefined&uid=GFqxpBZHMRgUNAeTSYioVoxk

0
431 B

127ms
39ms

Image
text/plain

18.192.227.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=undefined&uid=GFqxpBZHMRgUNAeTSYioVoxk
Protocol: H2
Server: 18.192.227.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-227-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:35 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://a-prebid.vidoomy.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=undefined&uid=GFqxpBZHMRgUNAeTSYioVoxk
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
a-prebid.vidoomy.com/ Frame D0F2
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=undefined&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=4b30b11d-7dee-40ad-95c1-061fe8449700

0
445 B

40ms
39ms

Image
text/plain

18.192.227.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=4b30b11d-7dee-40ad-95c1-061fe8449700
Protocol: H2
Server: 18.192.227.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-227-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=4b30b11d-7dee-40ad-95c1-061fe8449700
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: pls6957d99m4kb2mp229lf7ioqfi48ad

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D0F2 0
0 194ms
40ms Image
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy=&predirect=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D{{GDPR}}%26gdpr_consent%3D{{GDPR_CONSENT}}%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2

200

setuid
a-prebid.vidoomy.com/ Frame D0F2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-i2RW46pE2uH8wqKKPkPKkfKsAPvbln_3mX7n3lA-~A&gdpr=0

0
548 B

53ms
53ms

Image
text/plain

18.192.227.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-i2RW46pE2uH8wqKKPkPKkfKsAPvbln_3mX7n3lA-~A&gdpr=0
Protocol: H2
Server: 18.192.227.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-227-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-i2RW46pE2uH8wqKKPkPKkfKsAPvbln_3mX7n3lA-~A&gdpr=0
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
a-prebid.vidoomy.com/ Frame D0F2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526uid%253D%2524UID
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=8020408773171338617

0
427 B

59ms
40ms

Image
text/plain

18.192.227.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=8020408773171338617
Protocol: H2
Server: 18.192.227.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-227-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:35 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ee8c4383-95b4-49a9-9de5-2f62d7b3f203
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=8020408773171338617
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame D0F2 0
191 B 538ms
175ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:34 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame D0F2
Redirect Chain

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/vidoomy?zcc=1&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D&cb=1675329695884
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3874317150

70 B
264 B

59ms
55ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3874317150
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:36 GMT
Server: Tengine
ETag: RXc7613e135ff54541a08f522074c6b340005
Transfer-Encoding: chunked
Content-Type: text/html
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3874317150
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 cookie
cm.adform.net/ Frame D0F2 43 B
106 B 126ms
39ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/ Frame D0F2
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=0fa0869b-6eec-4936-a91e-cb66620db0e9&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Qi48rpBE2pnjiAfnOcP9nEw38CSQoGIAVOjm4w--~A&expires=5&ssp=vidoomy
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0fa0869b-6eec-4936-a91e-cb66620db0e9

43 B
466 B

104ms
87ms

Image
image/gif

18.192.227.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0fa0869b-6eec-4936-a91e-cb66620db0e9
Protocol: H2
Server: 18.192.227.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-227-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0fa0869b-6eec-4936-a91e-cb66620db0e9
Date: Thu, 02 Feb 2023 09:21:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 144ms
49ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvnexpress.net%2F&domain=vnexpress.net&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 797840
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 2E51
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c2f263db-809f-4f00-978e-5ed4b97a57c3

43 B
106 B

51ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c2f263db-809f-4f00-978e-5ed4b97a57c3
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 02 Feb 2023 09:21:35 GMT
Server: MT3 421 8749e8d master zrh-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c2f263db-809f-4f00-978e-5ed4b97a57c3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Feb 2023 09:21:34 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 2E51
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=8pQAU_yXXVfpxQJTosFJV_XBBwjpkVEGpZ_-cd2B

43 B
61 B

52ms
52ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=8pQAU_yXXVfpxQJTosFJV_XBBwjpkVEGpZ_-cd2B
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=8pQAU_yXXVfpxQJTosFJV_XBBwjpkVEGpZ_-cd2B
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 2E51
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6748347055864869662

43 B
106 B

52ms
52ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6748347055864869662
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6748347055864869662
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 2E51 70 B
264 B 57ms
56ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=72ee3ed2-c471-7344-fe4d-c60a691f558d&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 2E51 170 B
243 B 51ms
50ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWU4MWVkMTgtMGQwNi0yZGUwLWViYWQtOWNiM2EzZmQ5YmVk

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2E51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXGPRd1Rp5Y_XGgDVyCoUQ&google_cver=1

43 B
106 B

60ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXGPRd1Rp5Y_XGgDVyCoUQ&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXGPRd1Rp5Y_XGgDVyCoUQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame D0F2 33 B
400 B 40ms
40ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

4ca3911ffa3b058611f6be71b85a4be3c81a6daeb002c391801a25bf7377e225

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5D9F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=399063db-809f-4d00-94cd-150fa67a6716

43 B
106 B

53ms
52ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=399063db-809f-4d00-94cd-150fa67a6716
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 02 Feb 2023 09:21:35 GMT
Server: MT3 421 8749e8d master zrh-pixel-x30 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=399063db-809f-4d00-94cd-150fa67a6716
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Feb 2023 09:21:34 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5D9F
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=UTlMwl86EcZKaE7DVT4FkwVoSpRKP0rEBGx0KM1_

43 B
61 B

51ms
51ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=UTlMwl86EcZKaE7DVT4FkwVoSpRKP0rEBGx0KM1_
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=UTlMwl86EcZKaE7DVT4FkwVoSpRKP0rEBGx0KM1_
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5D9F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2553896114296436170

43 B
106 B

112ms
111ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2553896114296436170
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2553896114296436170
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 5D9F 70 B
264 B 56ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=72ee3ed2-c471-7344-fe4d-c60a691f558d&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5D9F 170 B
232 B 50ms
49ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWU4MWVkMTgtMGQwNi0yZGUwLWViYWQtOWNiM2EzZmQ5YmVk

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5D9F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXGPRd1Rp5Y_XGgDVyCoUQ&google_cver=1

43 B
122 B

48ms
48ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXGPRd1Rp5Y_XGgDVyCoUQ&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXGPRd1Rp5Y_XGgDVyCoUQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B597 0
0 88ms
87ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf32M5L0R2BiaqElK0UHcn_JdMBWquCveDea22_ohp6UxL2spS3Efj7eUuEqrHtXLfaosGtG4syPz1CUXhHhpsEDh6VCdLC9UHVx3FW_0hvqq9RiKkOr9jHWcflE0ADKfyPUcWrJsP-OtX9cGC64hexHyWWAed9Udy23taTPk8Z-zPgjLxv7j2j2srGlod0xGd2zH1mDIF6CRrLkPmi9mzWW5VeQOvciNCTVfcO3L4RY54mykJmWi41cQyK_66twiDUkRtC8feqoiAGdMFg3cVwx-5ttu98Ftb88f0yzQh_p9HKlyktIK400UO_pS3JwIAXIy4THl2VQlWIJ658xlS1sO9N2GJEIkSDErgfbw5_vaufYmjOCMrTTvT6AmfW1meWI1PqI7L5dqV8Q&sai=AMfl-YSm_5hZDu1UszWB8t_nMuADp-sPe_kR8YHGY5_qFzhRjeC5hEXi0qwr7XUMQZtf7ZVV32h9XtSINmj6oCy4iuR6D7qGLljCbFhaZFATLH1bF2h_ghctbhu9hYgMQVE&sig=Cg0ArKJSzCrn2Dg1YHPfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag_255f5966-6755-44b0-b693-33617df71731.js Show response
sm1.selectmedia.asia/cdn/tags/ Frame B597 35 KB
36 KB 142ms
43ms Script
text/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sm1.selectmedia.asia/cdn/tags/tag_255f5966-6755-44b0-b693-33617df71731.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 05a283a7fc7395ad09eac0a134c64e4ad727c1c0654339efbfc0e596608778ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:19:16 GMT
age: 139
x-guploader-uploadid: ADPycduP-GJUWx51v2837GR7JTBZOzKpLLSRi3quYoMDR5N542ZcgE4ZJqYUmoqwhO1opaPvb77UJYbFm9CbIc6bKKrPZZ9bqNn0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35996
last-modified: Thu, 02 Feb 2023 09:13:09 GMT
server: UploadServer
etag: "ca010306b850f71e452609ca11b01805"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=Lf71ug==, md5=ygEDBrhQ9x5FJgnKEbAYBQ==
x-goog-generation: 1675329189605512
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 35996
accept-ranges: bytes
content-type: text/javascript;charset=UTF-8

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B597 157 KB
48 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31072017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:21:35 GMT

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ Frame D0F2 216 B
623 B 42ms
41ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_690161_16089.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

96bb3f29f346b4a63c3fda29b74e69178648d731d4250768f21dcb6dc27b59ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 125ms
48ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 557920
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3D1E 0
858 B 57ms
57ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:35 GMT
AN-X-Request-Uuid: 5bb2d6d3-9a7a-408a-90ff-b82e4a2def2e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 32E8 0
858 B 39ms
39ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:35 GMT
AN-X-Request-Uuid: a8f776e3-28b0-4b44-b476-0788ce8dfc04
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 3C01
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
823 B

70ms
68ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f681cea0becaa16f6e34ba1a2725adf8754b45bf868b398c7f80f2dffc16d31

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931db8578a73651-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvnMnttI5iW8Hj7A5aGPadmLrrhdn9rVFHbaAaeQqiBwsES0xHjbFoMA0CXCmWeF4MuJwddK7oclt27FIG5k5o%2FF3RY1PAVVkkiM72rZrx3X4kjzNa%2F2SENwACD4JLGWXFixqRO%2Ff8cthQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931db85181f3651-FRA
content-length: 0
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fx4atwhtg3Pyvt87ywCJetxeEvrtC%2FRCZlbryoJUCetGc8cdFP%2BuwozvKDS4ilNaWB%2Btzr09h9KP6Sv%2BrWq%2BqwAzI4Nb0rZTK59O9RSdNPx2u7hoHyNON8GXe%2BKEK7kVbsbn%2Fasw5UCqRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 getuid
eb2.3lift.com/ Frame 0EBF 37 B
139 B 41ms
41ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4E62 5 KB
6 KB 214ms
46ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24882419&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3bb12576184eb8a62b23fe8d023373a3c5065490ff1b343e2dfc361a702a623e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
DATA 200
OK truncated
/ Frame B597 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11cbf1de684ccc55decac5a4295a95f8cf7d797e24c75592087f97c232a2528c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 0EBF
Redirect Chain

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=7e5fa8466c8ccabbbfd12498fc84a95e7f4135c923c2530afd2b3aafeb4fff9b

86 B
564 B

133ms
43ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=7e5fa8466c8ccabbbfd12498fc84a95e7f4135c923c2530afd2b3aafeb4fff9b
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
content-length: 86
content-type: image/png

Redirect headers

Location: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=7e5fa8466c8ccabbbfd12498fc84a95e7f4135c923c2530afd2b3aafeb4fff9b
Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E484 34 KB
10 KB 52ms
52ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38196
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:11 GMT

GET
H2 204 /
track-selectmedia.com/trackv4/ Frame B597 0
418 B 327ms
187ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?&d5=vnexpress.net&d3=a6dd3704-3e26-4321-986d-4e73707b71dd&d25=13040bed-d283-4fd9-abec-62d240273393&d23=tag_255f5966-6755-44b0-b693-33617df71731&d24=9a8ff5d9-2c48-4af0-8886-4e8eaafdfaad&d2=1675329695&e=0&cb=1675329695555
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 style.css
serv-selectmedia.com/cdn/player/ 1 KB
886 B 47ms
41ms Stylesheet
text/css 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/style.css
Requested by: Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_255f5966-6755-44b0-b693-33617df71731.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:18 GMT
content-encoding: gzip
age: 7577
x-guploader-uploadid: ADPycdtN5djEGIrKSUarsHIw0T1TV4SuXoofR3iXGQyKQNFY8ZimXVvYNkofCefjI1z3k9YIAz8Qo48gI0lBoFPQeND3rAxBJSGE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 571
last-modified: Mon, 15 Aug 2022 09:39:19 GMT
server: UploadServer
etag: "3a8d6c993f0a7e34ae07f8e86c31e632"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=GiK3YQ==, md5=Oo1smT8KfjSuB/jobDHmMg==
x-goog-generation: 1660556359399621
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 571
accept-ranges: bytes
content-type: text/css

GET
H2 200 selectmedia-player.umd.js Show response
serv-selectmedia.com/cdn/player/test/ 129 KB
40 KB 129ms
40ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Requested by: Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_255f5966-6755-44b0-b693-33617df71731.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a006951caeda5b31c1599aa1ebb91e452ddd15fe1589ce365a47c9d457f0edab

Request headers

Referer: https://vnexpress.net/
Origin: https://vnexpress.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:25:25 GMT
content-encoding: gzip
age: 53770
x-guploader-uploadid: ADPycdvndi0jggxFdQLXlVcbgfZoujIVqcKhU-hr2SppWcb2jBFQ6AWrGUpkrcS9AvnGxUY0bwlwaZs6fqi25gjV6o7PQN2OjT12
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39919
last-modified: Tue, 31 Jan 2023 06:38:09 GMT
server: UploadServer
etag: "34f805d145386d8e0976e5e106ec8c13"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=3JaXJQ==, md5=NPgF0UU4bY4JduXhBuyMEw==
x-goog-generation: 1675147089270732
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 39919
accept-ranges: bytes
content-type: application/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=3315255875517188&bg=!zs2lzYnNAAaq5O5FiuQ7ACkAdvg8Whi5NrxwwBQBT06i_483VmPDUKMbdxnlO3r8IkN8obDGyh8yowIAAAHoUgAAAAJoAQcKAISellhGG7lZf6vNLxkzMij0dyHKkFQaA-QxTXrWrjqD0n-b53qdM6_wz1v64yqJebS6RB5dvU3PT9b2eAEqsTEJmyC7zTfxUQ8jIlc16iyjPCXdAgoAig9rMekYpRjD5uHhjk2gDQxTS9KoTpbYH4IwBayGlnM6w3IbhqLHBTtfrR3uemOZAqYaTmmnMNQ_-xcdKIUMTtW-ko-NUf7xL5P9t0YeYOPgZm3uHj6xK3B-pSshDG4ZIk-Lac58aKD7h1pgYdXwrtIRb1ARb92s-hMZUFSFhcoUdUgxJzWKyqf5lXlgKK6KOmHcNU5Kc7J0-fgsNXoDIRPxT8_h4P5K3AlmXhDTbHYL4RrM-aNwQdyM0NnFD97OP2XpaFghm8JyxOQFNJutD3l4RxPhr-qA4EcFFddecQR-I7rCxG2lbilx9npUZTFEJ1MVe1YhzzLfpyRZ8ZejuJjbZV1soyiJMlBEev1IXq6jwcocVCxY1gWPbbfoogCLtMgM_UEl65-JKxWy-MskLcvTls1HvwXLltvrsVO_R6xDCCkPGm8-iaM_caj1zbF3qkAijwXH60kFRBN_vKlf-56poquTgpVP4C9Y-nfZqtVyT4X50f9xFV7rwrvleSNbaxrlWC5NuBfhee0uJJnSEKa_1ioUzGqMv9nyaFGUSRx_HoK0XKkt5OEgTv9nSMt0eMNj6p9HM66kxNIDtCDs8j87l2K84iN93AlkfPA6A_LvAeQjkXDgjdx5uZgz9T9j-3fPrLsssfLXPX_Vwno0Gpc8fVnMoFz-_NKHPb75HnuZcKUjSusR08nejQWUN5obgs6A7HHowqRsGOyvkxJ9rF5wavZep2eZO5g2EiuGRuz_RuPHI-ptfZ8H7UblHuZb0XLmui0TB7YedwI0FicaPWNdrjygQ7F78pgHIbZxpf39tOD57nGY27IXo87wq8VABU9oHXM3Jkk-GrbIg4dlLPb9pPbZbcDNm3c1SxwV8qA5IWPTLhlp_H5IVO1akvff8qLNdCiAJFLT5rvFOGaWzgDfURDzLMM6Sc_725DSkAW9pnDqcsD_nodPyB4W3OdNjThtnq8XdoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 3C01
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1

43 B
792 B

57ms
57ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKuqVCDOB6jbauR%2FaFk3Z08wC0mHpaTiPq5sSVTJoetPKWvF4rx9BwF7CJYk7eyNU29X%2BZzaKdl%2Fbwf%2Bzxvk5mK830Q4awqPpmaQbC7nAih%2FwD4RHolaGNEXVsGHvQSddXXj8p8Vx4rHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7931db863a0991de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 3C01 70 B
264 B 56ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3C01
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&dcc=t

43 B
855 B

129ms
128ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M1M852PYBC2C6YHZZEQ7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NKX5A22ZWEGQ4Z43EZQH
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3C01
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9uAnyBVIuDKP3EvlGRJRAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENTBr5AVBu_VEPLhI1y2fZQ&google_cver=1

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENTBr5AVBu_VEPLhI1y2fZQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENTBr5AVBu_VEPLhI1y2fZQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 3C01
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178

42 B
942 B

61ms
61ms

Image
image/gif

54.72.53.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

54.72.53.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-53-159.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0ba4161da.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BKgBsCeqQfw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0zRjwkxMSYw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3C01 43 B
235 B 481ms
187ms Image
image/gif 35.212.133.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.212.133.238 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.133.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3C01
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a2fccb55-24a4-405c-abe5-8e3ddc52cc6b

43 B
632 B

44ms
44ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a2fccb55-24a4-405c-abe5-8e3ddc52cc6b
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a2fccb55-24a4-405c-abe5-8e3ddc52cc6b
date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2

200

rum
dsum.casalemedia.com/ Frame 3C01
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675416095

43 B
784 B

183ms
68ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675416095
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuD3l2rNA8JCXBUWivY%2BXWkX6rt9%2Fa0hNXMvZ1SM293umNeIDaFdddTuOE4Z7weoBo%2FXEJR1keg9poCdGpwIAOeqACAgwcBQ435%2FVJle0lVzNl0UhQw0FxUlqHSeTs4%2BOA9QA%2FKM"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7931db881af8367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675416095
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 3C01 43 B
353 B 171ms
50ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12803
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931db86bd4d373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:35 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame EFB9 35 B
477 B 39ms
39ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0748
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:399063db-809f-4d00-94cd-150fa67a6716&gdpr=0&gdpr_consent=

42 B
326 B

199ms
48ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:399063db-809f-4d00-94cd-150fa67a6716&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 02 Feb 2023 09:21:35 GMT
Expires: Thu, 02 Feb 2023 09:21:34 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 421 8749e8d master zrh-pixel-x24 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:399063db-809f-4d00-94cd-150fa67a6716&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 292A
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

46ms
45ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:21:36 GMT
expires: Thu, 02 Feb 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2470665
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B0B8
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6375948229622613576

42 B
274 B

189ms
189ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6375948229622613576
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 08:57:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6375948229622613576
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A523
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg

42 B
415 B

188ms
188ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2AF3
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8020408773171338617&gdpr=0&gdpr_consent=

42 B
447 B

171ms
46ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8020408773171338617&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: b37f37e7-102b-474b-8696-92776233399e
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 09:21:35 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8020408773171338617&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame ACE3
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

220ms
220ms

Document
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 02 Feb 2023 09:21:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0W8YGD01Z9XAK71852MD

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 02 Feb 2023 09:21:35 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8BKGKBAR4V8488JWTTGC

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195486250077649048&gdpr=0&gdpr_consent=

42 B
243 B

65ms
47ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195486250077649048&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Thu, 02 Feb 2023 09:21:35 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195486250077649048&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5D60
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FpBhWDLtQUtX-mz1jJiV-VD_B2o

42 B
377 B

46ms
46ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FpBhWDLtQUtX-mz1jJiV-VD_B2o
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 09:21:36 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FpBhWDLtQUtX-mz1jJiV-VD_B2o

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3C01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9uAnwAAARH4SAAb&gdpr=1&gdpr_consent=&_test=Y9uAnwAAARH4SAAb

0
74 B

46ms
46ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9uAnwAAARH4SAAb&gdpr=1&gdpr_consent=&_test=Y9uAnwAAARH4SAAb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 02 Feb 2023 09:21:35 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9uAnwAAARH4SAAb&gdpr=1&gdpr_consent=&_test=Y9uAnwAAARH4SAAb
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220088-HHN
x-timer: S1675329696.927171,VS0,VE0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 134D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDT0FVN0h0d0VBQUNBcjFZYUhSZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACOAU7HtwEAACAr1YaHRg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1232672149992059140&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACOAU7HtwEAACAr1YaHRg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1232672149992059140%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1232672149992059140&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACOAU7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACOAU7HtwEAACAr1YaHRg&gdpr=0&gdpr_consent=

42 B
278 B

188ms
188ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACOAU7HtwEAACAr1YaHRg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 02 Feb 2023 09:21:37 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACOAU7HtwEAACAr1YaHRg&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame C98C 43 B
277 B 229ms
53ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Thu, 02 Feb 2023 09:21:35 GMT
Vary: Accept-Encoding
X-adserver-worker: komodo-3e535eb00e99@version_1.535
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame BE91
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675329695764
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3587709600

70 B
264 B

55ms
55ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3587709600
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 02 Feb 2023 09:21:36 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:35 GMT
ETag: RXca2840451aea4feeb54d58cb8e83ba83005
Expires: 0
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3587709600
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pragma: no-cache
Server: Tengine
Transfer-Encoding: chunked

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame A63D 0
0 129ms
36ms Document
text/plain 157.90.40.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

157.90.40.26 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.26.40.90.157.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Thu, 02 Feb 2023 09:21:35 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A456
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
443 B

213ms
198ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7931db881b965b62-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7931db86baa65b62-FRA
content-type: text/html
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 244

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 179B
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

47ms
46ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Thu, 02 Feb 2023 09:21:35 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 1848 43 B
368 B 142ms
48ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

404

gdpr_consent= Show response
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e6f4cf1bc6a0874/gdpr=0/ Frame C3CF
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e6f4cf1bc6a0874/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...

49 B
264 B

132ms
94ms

Document
image/gif

52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e6f4cf1bc6a0874/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSnUMWjMbhjUgaSTW%2526gdpr%253D0%2526gdpr_consent%253D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 49
content-type: image/gif
date: Thu, 02 Feb 2023 09:21:36 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.12.81

Redirect headers

content-length: 0
location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e6f4cf1bc6a0874/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSnUMWjMbhjUgaSTW%2526gdpr%253D0%2526gdpr_consent%253D

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 3D62 43 B
283 B 210ms
46ms Document
image/gif 64.95.96.108
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Thu, 02 Feb 2023 09:21:35 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-10

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4E62
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3S97VLGmQXqI83u8ai7QGA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

40ms
40ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=99699
accept-ranges: bytes
content-length: 5554
expires: Fri, 03 Feb 2023 13:03:14 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=dcd2b66185fcb9a2/gdpr=0/ Frame 4E62
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=dcd2b66185fcb9a2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
265 B

194ms
55ms

Image
image/gif

52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=dcd2b66185fcb9a2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.28
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=dcd2b66185fcb9a2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

202

Artemis
aud.pubmatic.com/AdServer/ Frame 4E62
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&addseg=19,36,42

0
0

773ms
188ms

Image
application/json

104.36.113.68
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.113.68 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4E62
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPhs9LUk_dLJj_KydSyFnvI&google_cver=1

42 B
398 B

190ms
189ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPhs9LUk_dLJj_KydSyFnvI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPhs9LUk_dLJj_KydSyFnvI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 4E62 43 B
612 B 159ms
49ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 01 Feb 2023 09:21:35 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4E62
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2553896114296436170

42 B
218 B

188ms
49ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2553896114296436170
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2553896114296436170
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4E62 70 B
264 B 62ms
56ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4E62
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=85ffb688-ad27-4215-a6a0-a5fee99999a2&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&gdpr_pd=

1 B
244 B

46ms
45ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 02 Feb 2023 09:21:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4E62 43 B
602 B 198ms
60ms Image
image/gif 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 4E62
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LI5BsghE2uU1Ils4eStxFEKXgHkNPx0-~A&gdpr=0

0
260 B

622ms
183ms

Image
text/plain

204.237.133.121
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LI5BsghE2uU1Ils4eStxFEKXgHkNPx0-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 204.237.133.121 Ambler, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LI5BsghE2uU1Ils4eStxFEKXgHkNPx0-~A&gdpr=0
date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 4E62 0
104 B 211ms
91ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4E62 0
191 B 178ms
172ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4E62
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6572a6f2-c382-422d-a86d-c9110eee5cf8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

51ms
48ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6572a6f2-c382-422d-a86d-c9110eee5cf8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6572a6f2-c382-422d-a86d-c9110eee5cf8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 02 Feb 2023 09:21:36 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4E62
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4183605280264715858&gdpr=0&gdpr_consent=&us_privacy=

1 B
175 B

47ms
46ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4183605280264715858&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4183605280264715858&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4E62
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8020408773171338617

42 B
95 B

50ms
49ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8020408773171338617
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 02 Feb 2023 09:21:36 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f7d05e78-51a9-4067-ad67-b1423e6d4d6f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8020408773171338617
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E484
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YcwBBou6Rt-Tz6Y6YiibxQ&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=YcwBBou6Rt-Tz6Y6YiibxQ&gdpr=0

43 B
479 B

129ms
129ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=YcwBBou6Rt-Tz6Y6YiibxQ&gdpr=0

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TH5JGX2E7WE2JAK9FE28
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=YcwBBou6Rt-Tz6Y6YiibxQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E484
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERNVzFKRE0tMVgtMjVURQ==&gdpr=0

170 B
188 B

50ms
50ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERNVzFKRE0tMVgtMjVURQ==&gdpr=0

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERNVzFKRE0tMVgtMjVURQ==&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E484 70 B
264 B 59ms
56ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E484
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/KnXmDm8KL3VQzcXq2itSzcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-25rKp_tE2oKAecMoFcd8Q4bXh_PuVb4ww0qmwg--~A

0
239 B

169ms
43ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-25rKp_tE2oKAecMoFcd8Q4bXh_PuVb4ww0qmwg--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 02 Feb 2023 09:21:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-25rKp_tE2oKAecMoFcd8Q4bXh_PuVb4ww0qmwg--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E484
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CrT6Xw30ShuCyni8Bp-XOA&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=CrT6Xw30ShuCyni8Bp-XOA&gdpr=0

43 B
720 B

134ms
133ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=CrT6Xw30ShuCyni8Bp-XOA&gdpr=0

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K2VVE66JKAEVRTCFXYXJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=CrT6Xw30ShuCyni8Bp-XOA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E484
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDU4ZWM1MmFjMTA5OWEwMDcwNzM1NmU0ZjI1N2RhNzBkMzdhNTRkZA&gdpr=0

170 B
188 B

51ms
50ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDU4ZWM1MmFjMTA5OWEwMDcwNzM1NmU0ZjI1N2RhNzBkMzdhNTRkZA&gdpr=0

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDU4ZWM1MmFjMTA5OWEwMDcwNzM1NmU0ZjI1N2RhNzBkMzdhNTRkZA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

422
Unprocessable Entity

tap.php
pixel.rubiconproject.com/ Frame E484
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECpZeJJSCM31Pt3bHF2o0ns&google_cver=1

0
0

173ms
50ms

Image
text/plain

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECpZeJJSCM31Pt3bHF2o0ns&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECpZeJJSCM31Pt3bHF2o0ns&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E484
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDMW1JDM-1X-25TE&gdpr=0

0
706 B

290ms
188ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDMW1JDM-1X-25TE&gdpr=0
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 32EE3305CF9346EA842F0AC03EF77EFD Ref B: FRAEDGE1319 Ref C: 2023-02-02T09:21:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXztBdqhUEg1Tqzty5o/g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDMW1JDM-1X-25TE&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 6114e7fefe75f2098548cc72.json Show response
serv-selectmedia.com/cdn/mcm/ 14 KB
15 KB 40ms
40ms Fetch
text/plain 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/mcm/6114e7fefe75f2098548cc72.json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c33b72081b11e2cdb68016efeb7a0568a8e22cefa95291636bcea5693ea37df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:19:33 GMT
age: 122
x-guploader-uploadid: ADPycdse0zVk0YbAVWtwIbt8zTKmBxSYnMPwbW36bABx90OmszZOzJ3wMyUHRIr64N0ks-wDxifszTCY3JTTkIgVcqYXA1kh5KiK
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14840
last-modified: Thu, 02 Feb 2023 08:19:08 GMT
server: UploadServer
etag: "e22b95290ea362009f73980395689856"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=OoWFmQ==, md5=4iuVKQ6jYgCfc5gDlWiYVg==
x-goog-generation: 1675307644144684
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 14840
accept-ranges: bytes
content-type: text/plain; charset=utf-8

GET
H3 200 2539698496735950919
tpc.googlesyndication.com/simgad/ 23 KB
23 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2539698496735950919

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 18:57:39 GMT
x-content-type-options: nosniff
age: 570236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23825
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 11:07:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jan 2024 18:57:39 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
123 KB 247ms
107ms Script
text/javascript 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2864bf3ca82a5e7f9cc6e96e40dc32665faea6bb959d04686ba2155ccba3c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125826
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:36 GMT

GET
H2 204 /
track-selectmedia.com/trackv4/ 0
45 B 184ms
183ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?&d3=a6dd3704-3e26-4321-986d-4e73707b71dd&d4=9a8ff5d9-2c48-4af0-8886-4e8eaafdfaad&d2=1675329695&d5=vnexpress.net&d28=1163&d33=20&d34=450&d35=3&d36=1&d37=1&d38=1&d26=640x360&d27=-1&cb=1675329695863-9be2c999-d19c-44fa-a96d-acedddf3d188&e=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 hb_310028_9674.js Show response
player.hb.selectmedia.asia/prebidlink/465369/ Frame F403 439 KB
133 KB 46ms
45ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 355f2368b6948f9c991398366a77dc4529239ba20d0e910a2d0bd221b45f5d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 02:16:04 GMT
server: nginx
etag: W/"639148e4-6dcd6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 04 Feb 2023 09:21:35 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F403 80 KB
27 KB 125ms
124ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be6695f912b24456df12e45909353ad53d21ce4f29c76eedd23fb22940ab9a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27561
x-xss-protection: 0
server: sffe
etag: "1470 / 985 of 1000 / last-modified: 1675292875"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Feb 2023 09:21:35 GMT

GET
H2 200 uam2_wrapper_hb_310028_9674.js Show response
player.hb.selectmedia.asia/prebidlink/465369/ Frame F403 2 KB
1006 B 70ms
70ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/465369/uam2_wrapper_hb_310028_9674.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: cb9db5f79e13296dd36ef794d020cc111e1414c9d9cb390542198ed73cd466e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 14:53:44 GMT
server: nginx
etag: W/"63d92b78-685"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 04 Feb 2023 09:21:35 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame F403 193 KB
47 KB 52ms
51ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:28:43 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 21:25:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 3173
x-amz-server-side-encryption: AES256
etag: W/"a32dad266af898d87dd85cf65ca93536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: q0c6_M0dqL9Clrpb-QM3XnvczEz2CIOk6gxXNCTmP6Q8mHhtfDQKiA==

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/ Frame F403 12 KB
5 KB 149ms
41ms Script
application/javascript 2600:9000:206f:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi-ip.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:11:44 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-version-id: j75Ms6xMLtZcJs44e2fdXiQ9EnaK7E2W
last-modified: Tue, 06 Sep 2022 10:54:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 593
etag: W/"8ad2beee52c2abad4a49b927b72d3048"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id: Ynzkk2b718Ohh31zCzBhe0VCCuvxbsPLO6RCkXyeZpJ9sfqpACyslw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B597 0
0 88ms
88ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst36J3wUXwYhbJ3ISDfBNWsTJZEH_gSZehUMZhexB_biKVvtO5pI1ZIgVW0ApIVMMRxYEPPZ8tGNiYUZUzTghCblXOWM6BERLT-_J3Cy99Af18GIdPLgB1FQ4LI_SlNT0wiEE_5GBv6OXZKtoHuZ_CZLHAexzp7dokTNee-ElnqWihh3h2vG0U8N5Pgi8EuqqhQ8IAB5YXf1t-1alUk_xZxp1aAa4hFSXDZKmIuOlhSnXgW8gT06tHdZlAXCSG_P35A3EIAqXShIA700WypgiBqqwJxql7DQRdg9dg85IXSnGeMV1rJIuHg5bUK84DxKa5ul7IrEHy5yZos-5Jg63XYbUvwOd7-Rsa0KDSuG2tbnh1hDGN0IUTPGC5swHMNY_onuVUCqh0T19oo1Qgh&sai=AMfl-YS6byZV9EUQbndjF8gZV7zMMc3NrOtRSTPNRwqvoBxmLG8SX8jNIyiZ2hxat_K3gcLPid_zaPBiVjDBWFiJHXUGQsPoImrcScBfVc9xo8a0qKou6EJovGGTpXDRmLg&sig=Cg0ArKJSzAxdwTDqExIOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:35 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame F403 2 KB
2 KB 46ms
46ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:41:08 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 6027
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: eMBZbwuVDLP0_umsFg_jnO-mZFCe1iAul0IrWhPHWA4s0PKR8gaUIg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F403 6 KB
3 KB 47ms
46ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 03:57:09 GMT
x-amz-cf-pop: VIE50-P1
age: 19476
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: YUmCK2WGyyu3KRRlEmObPVP3lM9iCYXyjnWy_BKupiyepQow0V_x6Q==

GET
H2 200 hbw_master_310028_9674.js Show response
player.hb.selectmedia.asia/prebidlink/19390/ Frame F403 357 KB
63 KB 44ms
43ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_310028_9674.js
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/uam2_wrapper_hb_310028_9674.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: a32f86c403794215faf8aaeb2eb2aeba925e3a2409eabcd9ad6a46cd8d1ac4db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:35 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 14:53:44 GMT
server: nginx
etag: W/"63d92b78-5936e"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 04 Feb 2023 09:21:35 GMT

GET
H2

200

tag Show response
btloader.com/ Frame F403
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

49ms
46ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2902
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98cn%2F3zOiAXNEDdDPQsbKxMlBYPVPjFhJAT3TizVqPAvoIjdWUkoydhu8zKOqo4q24GYH9qWgHH0%2BECjvA4%2B9nQZd%2B3I%2FjWEBfWVBzJ468N8x1vv196KHs9E1QmatoxUI%2F6DN90Ckf9BWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931db889f59925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:36 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2902
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U60oKQi6tOAte6LbERTrgyyZ2Liy0jvSI7mERxKbD6RCJmRDi%2Bt1FfgF949C1z%2Btw07L%2FfSNojnme%2FhFbz3W9gj2hJ8XUvl1mNIcSWAPHrp1AVNRAG3POQaHpMdNPUYw%2BYE%2FQhjYBVwvtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931db884f09925c-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame F403 54 KB
17 KB 48ms
48ms Script
application/javascript 104.103.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.89.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-89-173.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 02 Feb 2023 09:36:36 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame F403 32 KB
10 KB 45ms
44ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 984
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: jGNgyC1gdwvWpUzM4uVveo8fgDfDc38uplhy5L3Ce4mOLs6CnLfQIQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame F403 57 KB
17 KB 50ms
50ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 663
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931db884d553a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

POST
H2 200 62978707 Show response
mc.yandex.com/webvisor/ 43 B
145 B 86ms
85ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/62978707?wv-hit=684049679&page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1675329696%3Aw%3A1600x1200%3Av%3A960%3Az%3A0%3Ai%3A20230202092136%3Au%3A1675329686164661259%3Avf%3Asmv4ejgykhrjvgldb09nr%3Ast%3A1675329696&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 02-Feb-2023 09:21:36 GMT
content-type: image/gif
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 09:21:36 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F4F9 42 B
64 B 78ms
77ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1vc6n6fkNCNaTXqLEaVmfD0Xtnd-0lBAPOz_03xUulSd1QupivnUxwOmvW25oqJAuLbC4XPxhGV1pOuZzLoq0gRpxx15cLRHCun9YyirNIrUaJDwusL1Tm2av_9pDydtG7SxcGA&sai=AMfl-YQ-uo8LMCC8ci7VH1wgjjpiyZ8ri3kX70ZvAnaddu0XTeRO7ppPBtRLYIjjFuIq-J1pqTDHKxjW_ZpH6IEYrq0cj5HpWtIADv0IDPJDWEbTpcJZ8Nm-zn-clkza&sig=Cg0ArKJSzNRwWOBkHFSEEAE&cid=CAQSPADUE5ymcmMl02hktu2_PKinfAjdQohAnKAStW-PiPZ-2xgoLXSX-3HhB96RjAibySiIez_grCNSoQGCYhgB&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=508&tls=1508&g=100&h=100&tt=1509&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2023012601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F403 386 KB
130 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133524
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 21:44:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame F403 4 KB
944 B 86ms
86ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3f3aba9a2da1ad7462c294983680c33427cd3abfca866883fc310d331ba94aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:36 GMT

GET
H/1.1 200
OK / Show response
ghb.hb.selectmedia.asia/geo/ Frame F403 139 B
408 B 47ms
46ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/geo/
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_310028_9674.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ff8e854dad325d8864dac7080788482bd051eec2c66c2b1d01e20c6d79196db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:36 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 139

GET
H/1.1 200
OK tracking Show response
ghb.hb.selectmedia.asia/adunit/ Frame F403 43 B
434 B 47ms
47ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/adunit/tracking?event=11&type=0&client_id=310028&site_id=9674&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fvnexpress.net&adid=mw1mpb.me&features=81957&vpbv=N117&tte=161&lifecycle_tte=168
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_310028_9674.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:36 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/ Frame F403 261 KB
85 KB 46ms
46ms Script
text/javascript 2600:9000:206f:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50c610671f4eb4fbc4b59ccfb51f675a5753375b54a92ae09bdab34f0bf074fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:11:26 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-version-id: BL7bzpojsVs0A7uQm86NJhZU2BgGmPCd
last-modified: Thu, 02 Feb 2023 08:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 611
etag: W/"e18b58c84df6004a53a6c409998203b1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: B1JzJFlkX7UBZ5svINkL7797Uyio12-9Xh8DdtX0vYp1XkumhbjG9g==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F403 60 B
331 B 62ms
62ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fdcd9aae128d1a3ec47dcd52f6d89f2227f6bd86714e053513a4ecdee60f8e24

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.18.34
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 736F 49 KB
18 KB 450ms
63ms Document
text/html 2a02:6ea0:cb00::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Thu, 02 Feb 2023 09:21:36 GMT
etag: W/"61c991db-c5bc"
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: Abm0DAYfyVL/y2gLAA
x-77-nzt-ray: fefc880d307460e9a080db637da1af21
x-77-pop: viennaAT
x-accel-expires: @1675618773
x-age: 747723
x-cache: HIT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/305666/ Frame F403 26 KB
11 KB 51ms
50ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/305666/config.json?cb=https%3A%2F%2Fvnexpress.net
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4172333cd43faee1ccf45c6c95c3f3cb8bf0ae0b96da4ab0e1183dd3acd66295

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 04 Feb 2023 09:21:36 GMT
date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 12:01:19 GMT
server: nginx
etag: W/"63da548f-67e1"
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame F403 23 B
461 B 159ms
158ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=oVrw3SFd4GXp1&cb=0&ws=300x250&v=23.127.1625&t=1900&slots=%5B%7B%22sd%22%3A%22gpt-passback%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F84772874%2FVidsplay_300X250_EBDA%22%7D%5D&schain=1.0%2C1!selectmedia.asia%2C6114e7fefe75f2098548cc72%2C1%2C%2C%2C&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: HKDGZPFQY1D9ZYJVN5GP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Q2PLM9nUnQCspb4doFgp3-GGXRK-Mu5h9-j0akAQFHL5DR69Txquvg==

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 39ms
39ms Preflight 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 02 Feb 2023 09:21:36 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 43ms
42ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 02 Feb 2023 09:21:36 GMT
server: ATS/9.1.10.25

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F403 12 KB
5 KB 144ms
143ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=385896&zone_id=2149448&size_id=15&gdpr=0&rp_schain=1.0,1!selectmedia.asia,6114e7fefe75f2098548cc72,1,,,&eid_criteo.com=_tyE3F9LejhCNmFCZmFLJTJGNiUyQmlkeGllcUNVUDAlMkZFZFNic1FKMllwcjJSTHdGTVBCbE1aSmFEWEpJaFVlUUc3VjVEN05QZDJlM2N0Mnk5QmtVejIlMkJIJTJGY2FxQ1N3aDV3MGxxRjlTN2JCcDZxdUQzYWMlM0Q%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=a142018b-6df6-4cb3-a49b-0ee20d386670%5E1&rf=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&tg_i.pbadslot=%2F84772874%2FVidsplay_300X250_EBDA%23gpt-passback&tk_flint=pbjs_lite_v6.25.4&x_source.tid=8339a226-c07a-4ef9-a58f-cbf7fd8aee9c&l_pb_bid_id=2af1f64aef6199&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F84772874%2FVidsplay_300X250_EBDA%23gpt-passback&slots=1&rand=0.7766373753524312
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6afce051761e9645b6414fdb2bd412e460662e65cb42d532d721535a5465b9fd

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F403 0
175 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame F403 0
41 B 46ms
46ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Thu, 02 Feb 2023 09:21:35 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F403 0
58 B 130ms
129ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 arj Show response
select-d.openx.net/w/1.0/ Frame F403 174 B
187 B 243ms
242ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://select-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8339a226-c07a-4ef9-a58f-cbf7fd8aee9c%2C8339a226-c07a-4ef9-a58f-cbf7fd8aee9c&nocache=1675329696205&gdpr=0&criteoid=_tyE3F9LejhCNmFCZmFLJTJGNiUyQmlkeGllcUNVUDAlMkZFZFNic1FKMllwcjJSTHdGTVBCbE1aSmFEWEpJaFVlUUc3VjVEN05QZDJlM2N0Mnk5QmtVejIlMkJIJTJGY2FxQ1N3aDV3MGxxRjlTN2JCcDZxdUQzYWMlM0Q&id5id=0&pubcid=a142018b-6df6-4cb3-a49b-0ee20d386670&schain=1.0%2C1!selectmedia.asia%2C6114e7fefe75f2098548cc72%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=gpt-passback%2Cgpt-passback&aucs=%252F84772874%252FVidsplay_300X250_EBDA%2523gpt-passback%2C%252F84772874%252FVidsplay_300X250_EBDA%2523gpt-passback&auid=541148923%2C541148923&aumfs=400%2C0
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c72fd8f3c7b6be1a9ae192dedd5500eff623bfc480eab45320ed0d374abdf540

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F403 0
498 B 118ms
117ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame F403 37 B
332 B 61ms
60ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=740309&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2214e59b754dabef5%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%22%2C%22page%22%3A%22https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.4%22%2C%22userIds%22%3A%5B%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2215b3a63c41ad997%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22740309%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F84772874%2FVidsplay_300X250_EBDA%23gpt-passback%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%226114e7fefe75f2098548cc72%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a142018b-6df6-4cb3-a49b-0ee20d386670%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6933783fa307f2fcdb88121d0a5e4a4b48072a9e99d2d150e1ad3bb64b5b5237

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGBm4geRS6eFgW5tQbHQ0NVWJuRPteugVlwLc8CXW3nSm5vh67IULH1kMv5%2BqfW2njvEr5Ckvmbl4vslJ4z%2Bb%2Fk2ww3ojmnOCikb1BR0Fam7hFgJy1TZr7JgvjI8OL7BThnwCJKS"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931db896bea39ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame F403 15 B
360 B 41ms
40ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F403 0
58 B 136ms
135ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame F403 66 B
142 B 115ms
115ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3268333640632d220439c08435b9d9ac6d1a5bc5f03a9aeced77f374a015e7fd

Request headers

Referer: https://vnexpress.net/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F403 19 B
977 B 54ms
54ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:36 GMT
AN-X-Request-Uuid: a5de9f9b-1fde-4ef4-a877-beedc3be1918
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame F403 19 B
520 B 43ms
42ms XHR
application/json 18.196.123.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.4&referrer=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&tmax=2000&gdpr=false

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.123.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-123-254.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame F403 24 B
524 B 48ms
48ms XHR
application/json 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 4b87c46f909eecb9fcaeddca12dfda2c5b5f93e81985a6fc602679fee66c59ed

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Feb 2023 09:21:36 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H3 200 arj Show response
adtelligent-d.openx.net/w/1.0/ Frame F403 173 B
187 B 135ms
134ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8339a226-c07a-4ef9-a58f-cbf7fd8aee9c&nocache=1675329696216&gdpr=0&criteoid=_tyE3F9LejhCNmFCZmFLJTJGNiUyQmlkeGllcUNVUDAlMkZFZFNic1FKMllwcjJSTHdGTVBCbE1aSmFEWEpJaFVlUUc3VjVEN05QZDJlM2N0Mnk5QmtVejIlMkJIJTJGY2FxQ1N3aDV3MGxxRjlTN2JCcDZxdUQzYWMlM0Q&id5id=0&pubcid=a142018b-6df6-4cb3-a49b-0ee20d386670&aus=300x250&divids=gpt-passback&aucs=%252F84772874%252FVidsplay_300X250_EBDA%2523gpt-passback&auid=541177132
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6067f8e24e6f3286af6419cda15d2c7aa3a5f75efc8f325f971182d464fb07f8

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3D1E 0
858 B 42ms
41ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:36 GMT
AN-X-Request-Uuid: f4841c2b-2b28-4754-a970-8072bec55483
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 32E8 0
858 B 40ms
39ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:36 GMT
AN-X-Request-Uuid: 36736a4f-b7aa-478a-918f-3acc2b20dc05
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 47E6 406 KB
129 KB 42ms
41ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:19 GMT
content-encoding: gzip
age: 7577
x-guploader-uploadid: ADPycdtZJ1FTudfF_1itO0N_dJgQlRUsAgA725k1d4urNxsNZ-i-85R9rleEwYwX8-lvrPjiixBjQUd_o50bF-6qAv69f0X8xk-5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 975F 694 KB
222 KB 53ms
52ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 228ms
86ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Feb 2023 09:21:36 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 47E6 193 KB
47 KB 56ms
56ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:28:43 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 21:25:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 3174
x-amz-server-side-encryption: AES256
etag: W/"a32dad266af898d87dd85cf65ca93536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: fVkYd92yxZKJsfRtg0YqPh-RT3vaePFG0Ch31vhj8yyRUh99gGyPpQ==

GET
H2 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 0B4F 406 KB
129 KB 85ms
85ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:19 GMT
content-encoding: gzip
age: 7577
x-guploader-uploadid: ADPycdtZJ1FTudfF_1itO0N_dJgQlRUsAgA725k1d4urNxsNZ-i-85R9rleEwYwX8-lvrPjiixBjQUd_o50bF-6qAv69f0X8xk-5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame C2BB 694 KB
222 KB 103ms
102ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame 0B4F 177 KB
44 KB 107ms
107ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 06:59:31 GMT
content-encoding: gzip
age: 8525
x-guploader-uploadid: ADPycdvKZLk-3H2JEFVRY-9DnRjffe5pnrABdde_VRu5OrQ4ESE-1S3wwRGYtJtKx66hFoh2ITudDfUXyb9eCvmS0yp_Lg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
x-goog-generation: 1667372273714744
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame F82B 406 KB
129 KB 107ms
105ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:19 GMT
content-encoding: gzip
age: 7577
x-guploader-uploadid: ADPycdtZJ1FTudfF_1itO0N_dJgQlRUsAgA725k1d4urNxsNZ-i-85R9rleEwYwX8-lvrPjiixBjQUd_o50bF-6qAv69f0X8xk-5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame A4A2 694 KB
222 KB 127ms
126ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame F82B 177 KB
43 KB 120ms
119ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 06:59:31 GMT
content-encoding: gzip
age: 8525
x-guploader-uploadid: ADPycdvKZLk-3H2JEFVRY-9DnRjffe5pnrABdde_VRu5OrQ4ESE-1S3wwRGYtJtKx66hFoh2ITudDfUXyb9eCvmS0yp_Lg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
x-goog-generation: 1667372273714744
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame B5D8 406 KB
129 KB 117ms
116ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:19 GMT
content-encoding: gzip
age: 7577
x-guploader-uploadid: ADPycdtZJ1FTudfF_1itO0N_dJgQlRUsAgA725k1d4urNxsNZ-i-85R9rleEwYwX8-lvrPjiixBjQUd_o50bF-6qAv69f0X8xk-5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7F9D 694 KB
222 KB 143ms
137ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame B5D8 177 KB
43 KB 121ms
120ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 06:59:31 GMT
content-encoding: gzip
age: 8525
x-guploader-uploadid: ADPycdvKZLk-3H2JEFVRY-9DnRjffe5pnrABdde_VRu5OrQ4ESE-1S3wwRGYtJtKx66hFoh2ITudDfUXyb9eCvmS0yp_Lg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
x-goog-generation: 1667372273714744
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 1D5E 406 KB
129 KB 117ms
116ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:19 GMT
content-encoding: gzip
age: 7577
x-guploader-uploadid: ADPycdtZJ1FTudfF_1itO0N_dJgQlRUsAgA725k1d4urNxsNZ-i-85R9rleEwYwX8-lvrPjiixBjQUd_o50bF-6qAv69f0X8xk-5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 26B9 694 KB
222 KB 188ms
187ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame B2EA 406 KB
129 KB 42ms
41ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame E3A6 694 KB
222 KB 180ms
180ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame C118 406 KB
129 KB 43ms
43ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8EFD 694 KB
222 KB 172ms
172ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 731E 406 KB
129 KB 75ms
74ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8ABF 694 KB
222 KB 58ms
57ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 985B 406 KB
129 KB 77ms
77ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5F96 694 KB
222 KB 59ms
54ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 47FF 406 KB
129 KB 69ms
69ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame EAA5 694 KB
222 KB 84ms
83ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 26BF 406 KB
129 KB 60ms
60ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame D389 694 KB
222 KB 74ms
74ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame A6C2 406 KB
129 KB 67ms
67ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame AEA2 694 KB
222 KB 93ms
92ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 8AC5 406 KB
129 KB 65ms
65ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame E139 694 KB
222 KB 94ms
94ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame E4B7 406 KB
129 KB 60ms
59ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1F07 694 KB
222 KB 88ms
84ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 4C14 406 KB
129 KB 61ms
60ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 35B8 694 KB
222 KB 87ms
84ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 2745 406 KB
129 KB 57ms
53ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame ED97 694 KB
222 KB 91ms
90ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 6A75 406 KB
129 KB 53ms
53ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame B670 694 KB
222 KB 91ms
90ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame BC38 406 KB
129 KB 51ms
50ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3A73 694 KB
222 KB 86ms
85ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame A733 406 KB
129 KB 49ms
47ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9B2C 694 KB
222 KB 87ms
86ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame B0B0 406 KB
129 KB 45ms
44ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:15:23 GMT
content-encoding: gzip
age: 7573
x-guploader-uploadid: ADPycdu3BcRP6FSlm39ZsZd68qRciUlWbCcxJPc9Kay8aVqwxpyWyvgfqkXutGpwnmRjOTp0wuX5S9Epq162styrHqPna0PWQjr6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 66B7 694 KB
222 KB 98ms
98ms Document
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
serv-selectmedia.com/serving_v3/ 15 KB
5 KB 192ms
191ms Fetch
application/json 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/serving_v3/?channelid=9a8ff5d9-2c48-4af0-8886-4e8eaafdfaad&height=250&publisherid=a6dd3704-3e26-4321-986d-4e73707b71dd&tagid=tag_255f5966-6755-44b0-b693-33617df71731&templateid=13040bed-d283-4fd9-abec-62d240273393&width=300&domain=vnexpress.net&hostname=vnexpress.net&url=vnexpress.net&cb=1675329696902-79b5e3dc-94f3-438c-b921-8200d77afcb4&is_desktop=1
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 1d30ea9b600700b1e59d806ec05e949ef0fb78ce4cc3c056018da7990d1c2c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:37 GMT
content-encoding: gzip
via: 1.1 google
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-accel-expires: 0
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 204
No Content multitracking Show response
ghb.hb.selectmedia.asia/adunit/ Frame F403 0
224 B 47ms
47ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/adunit/multitracking
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_310028_9674.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Thu, 02 Feb 2023 09:21:37 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame F403 107 B
122 B 76ms
76ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F403 107 B
122 B 53ms
52ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F403 51 KB
20 KB 114ms
113ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=929719350594171&correlator=4319577533859255&eid=31072022%2C31072043%2C44777898&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=84772874%2CVidsplay_300X250_EBDA&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=596843069&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dc6e5b1dc46c14ea8%3AT%3D1675329690%3AS%3DALNI_Ma3MoCjsKMaLWlGwWbHt0FY-rQzlw&gpic=UID%3D00000bae12e6a6e5%3AT%3D1675329690%3ART%3D1675329690%3AS%3DALNI_MYORA8NesIqT39p8SOl4l9sop8_LA&abxe=1&dt=1675329697914&lmt=1675329697&dlt=1675329695889&idt=250&adxs=435&adys=2020&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=tbe78160a5jp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&ref=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&top=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=36675206.1675329686&ga_sid=1675329698&ga_hid=1778865428&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

802b98f483664c8616ab4c571f37ae54c2bd6b7378f0f87c70f5aa740cdf44e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20877
x-xss-protection: 0
google-lineitem-id: 5758418825
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138313975333
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F403 14 KB
11 KB 88ms
87ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6b657b03f09aca8c5e37bb301275e85f148aef254f87ad9a53936f9d5e655f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11155
x-xss-protection: 0

GET
H2 200 container.html Show response
d9d18169329477829e95730764e80a24.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0ECB 6 KB
3 KB 140ms
85ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d9d18169329477829e95730764e80a24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:21:38 GMT
expires: Fri, 02 Feb 2024 09:21:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 0EBF
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178

86 B
696 B

41ms
41ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
content-length: 86
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BdKJ5tK1Q0szb47QZ%2BcO2g18PFLo4mR4OoLIjId9yhq9qjg61ft2asOd6MC%2BwPJ9XpRoehKx%2BOz3pEs3BHk8dEBjS8EKAchLYED6H0S0aWPHRNcgLMSTaOVM%2FExERY2pZgMqddS"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178
cache-control: no-cache
cf-ray: 7931db956d4f36dd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 4E62 0
260 B 146ms
43ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 /
track-selectmedia.com/trackv4/ 0
45 B 186ms
184ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d19=10&d2=1675329600&d20=109.0.5414&d23=tag_255f5966-6755-44b0-b693-33617df71731&d24=9a8ff5d9-2c48-4af0-8886-4e8eaafdfaad&d25=13040bed-d283-4fd9-abec-62d240273393&d3=a6dd3704-3e26-4321-986d-4e73707b71dd&d4=e86f8c76-29a2-4488-b3a9-146c41ebaa67&d5=vnexpress.net&d8=1&d9=Windows&channelkey=dHMxPWU4NmY4Yzc2LTI5YTItNDQ4OC1iM2E5LTE0NmM0MWViYWE2NyZ0czI9MSZ0czM9MyZ0czQ9MS41OA==&d28=1163&d33=20&d34=450&d35=3&d36=1&d37=1&d38=1&d26=640x360&d27=0&cb=1675329698729-a5074b2e-fe0c-45cf-8a02-320b3e9a8d9a&e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 /
track-selectmedia.com/trackv4/ 0
45 B 185ms
184ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d19=10&d2=1675329600&d20=109.0.5414&d23=tag_255f5966-6755-44b0-b693-33617df71731&d24=9a8ff5d9-2c48-4af0-8886-4e8eaafdfaad&d25=13040bed-d283-4fd9-abec-62d240273393&d3=a6dd3704-3e26-4321-986d-4e73707b71dd&d4=e86f8c76-29a2-4488-b3a9-146c41ebaa67&d5=vnexpress.net&d8=1&d9=Windows&channelkey=dHMxPWU4NmY4Yzc2LTI5YTItNDQ4OC1iM2E5LTE0NmM0MWViYWE2NyZ0czI9MSZ0czM9MyZ0czQ9MS41OA==&d28=1163&d33=20&d34=450&d35=3&d36=1&d37=1&d38=1&cb=1675329698729-492c32c7-66d3-4a54-8679-0032cdb5d300&e=36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
39 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7064b5e20cfcc8922c59e8ab0de59b79f2bb1a73c55cac37353d29df7cd561da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39432
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 09:21:38 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6DDD 920 B
1 KB 45ms
44ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13156048&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 08a15d47817b82e0b6cf5ef24365f16f0b3f9402274ebd7924a4d4f33455839d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 02 Feb 2023 09:21:38 GMT
content-length: 920
content-type: text/html; charset=UTF-8

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 0B4F 2 KB
2 KB 60ms
60ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5330
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: pUFe3QoG0_bfI-NY6HkY4Fqpr6JMdyYi3GriK9k4Isn5f_n_-_Lg4g==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 0B4F 23 B
461 B 97ms
96ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=9BIG22VLJ0qf6&cb=0&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: V506X431PRXBTY08QRFS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YrK0l6GP4rqRKgyxAqE_mX8YI1OoU0VXfJaf_rgkZgOjiXXydJmHRw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0B4F 6 KB
3 KB 46ms
45ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 03:57:09 GMT
x-amz-cf-pop: VIE50-P1
age: 19479
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: owKek3QQEOl-AsKbztEYda5UNyY0MZ4IyI5TjKiOY5dWb2YqCHXh_Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame F82B 2 KB
2 KB 53ms
53ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5330
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: tTO3skNvu9fjTuQVR4_2KOl7HQc_1lNmoQn04HC2Bf7zkIlSmKbJqQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame F82B 23 B
460 B 111ms
111ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=d3WMzenqwIPTI&cb=0&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 99088JVWEGNNFCHAPZR1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _3h7iaBhXpGO2LozHW3JITqooYPYGQfaeOGBKTs6PgE4Q9EZMVm1Sg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F82B 6 KB
3 KB 45ms
45ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 03:57:09 GMT
x-amz-cf-pop: VIE50-P1
age: 19479
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: coRkLvHxED9Rpv0J87wJPcIrHWHmmcDfKSNTn5YhpPtjsBJCLu9RCQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 47E6 2 KB
2 KB 50ms
50ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5330
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: -EJnBUZyzq8qpW_dK1R2hK-BuowNDXwcQs8JHI-Wk6PiMkbg3C6k3A==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 47E6 23 B
459 B 98ms
98ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=mJCKh0aGknyFj&cb=0&ws=0x0&v=23.127.1625&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: REJ2SWNS62EN57VSRAE9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: jfLgrc3GJov015Vb65rOFe4jOx7setKtdb5Ms9z5yKh4IoBST4SvJg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 47E6 6 KB
3 KB 45ms
45ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 03:57:09 GMT
x-amz-cf-pop: VIE50-P1
age: 19479
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _gwje-zhR_5VhpJIRFPjyn-XyzCsV8tSNIeKwVcHmYMAxpfJPBAAfA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B5D8 2 KB
2 KB 45ms
45ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5330
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: -8_fM7hcMEqN97N4gv6UKqEDh7OlXphMBTSr8IenXXJD8AlAQUOUkg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame B5D8 23 B
460 B 101ms
100ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=PomRneScQrZ14&cb=0&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: R1SA5WN7WY7TDZPFVTWZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: FjVdfmpvq86HqOJbXFq_Q2_C7ovFkIeT-3PebTTyKhanU5mGALj08A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B5D8 6 KB
3 KB 45ms
45ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 03:57:09 GMT
x-amz-cf-pop: VIE50-P1
age: 19479
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 3edvrIpTgd5yKoMAATT_CjcrYpA7L8ybzMg9ozTe4X26l0xWmFFfNQ==

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 0B4F 36 B
541 B 58ms
57ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab37561c8eb7ed6a9b35829478d573844df36302429c3a50d512bb8e07c190a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1WF0iTHmZKo%2FJUCRXrkltpBszM6TS90ow%2FFWv8Y6bJ6exd2m%2FEoEDQf6tYFqyMLpCDcErZy21WN5zKaQFXY4MhTtwvpIP3HjwGP%2FXYLmbeGLpe%2FqEofGdWRbmf0gpHYL%2BulhvZc"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931db9a79e93738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F82B 0
58 B 47ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame B5D8 0
42 B 49ms
48ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:39 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 44ms
44ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 02 Feb 2023 09:21:38 GMT
server: ATS/9.1.10.25

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 1D5E 0
19 B 52ms
51ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:39 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 44ms
43ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 02 Feb 2023 09:21:38 GMT
server: ATS/9.1.10.25

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B2EA 138 B
1 KB 41ms
41ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f5bc43f1bf8231a1aaa776dbe00f8d7c01b3d8ce81ae0dbec887baf0acdfd1b4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:38 GMT
AN-X-Request-Uuid: 9b2d5f5e-0406-4bad-a81f-cd8911b623bc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content 322311 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame C118 0
982 B 239ms
52ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/322311?src_sys=prebid
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Feb 2023 09:21:39 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004251
X-SpotX-Timing-Transform: 0.000337
X-SpotX-Timing-SpotMarket: 0.004251
X-SpotX-Timing-Page-Require: 0.000353
X-fe: 141
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.001631
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.007766
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000294
Last-Modified: Thu, 02 Feb 2023 09:21:39 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Exception: 0.000000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000017
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000880
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 731E 173 B
401 B 187ms
42ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7beb420b483c9ae3bccdbc188df07779991cd4c750ff44b2022ae4e92ef604cc

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 985B 36 B
503 B 52ms
52ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b36f0959b41de057e722916bd5cef713ff770a472797e5869e07fa594c2ef39d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5lfOCT%2B9wJInoUa0kqKazmCCrBiBi24%2FbVhecWuTfdQGZ3caTIOKc4OZ6au1%2BD90FjOBuYhKtHwugZ2jtFOpTM9TPlPgFX2GLOqgxI%2BeJXPoQgpjMuN5wFmd9NlxEm%2FOMKYN6zf"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931db9aaa233738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 47FF 0
58 B 48ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 26BF 0
19 B 66ms
65ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:39 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 42ms
42ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 02 Feb 2023 09:21:38 GMT
server: ATS/9.1.10.25

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame A6C2 0
19 B 50ms
50ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:39 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 42ms
42ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 600
age: 1
content-length: 0
date: Thu, 02 Feb 2023 09:21:39 GMT
server: ATS/9.1.10.25

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8AC5 137 B
1 KB 41ms
40ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5ce57f5f6ca2d1aa3fadd5a76984b5228cc28820e628ac7fd3382eeba1e84865

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
AN-X-Request-Uuid: c6f8572c-b746-47bf-9ab4-e68f59bdb534
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content 322311 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame E4B7 0
982 B 217ms
51ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/322311?src_sys=prebid
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Feb 2023 09:21:39 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004164
X-SpotX-Timing-Transform: 0.000300
X-SpotX-Timing-SpotMarket: 0.004164
X-SpotX-Timing-Page-Require: 0.000375
X-fe: 141
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.001656
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.007657
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000287
Last-Modified: Thu, 02 Feb 2023 09:21:39 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Exception: 0.000000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000011
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000862
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 4C14 173 B
401 B 167ms
42ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2634fddc93acb7eb6cd6df1048a4181ab45ae4b2d6524e524d1b5e80f0aa914e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 2745 36 B
497 B 55ms
54ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d4ff21f4c020c56a7568685163cf665eb1d5331a781180fe1d9520bd9b447b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdTwbj2uxVujv1zXayldwlaWKwmi2b50cT3Z%2FddwePkDTq4KDn1Al57H1l1Vpp2yrYsBeI6rMu0dc2xBM9kXsivshckZV49%2B3coTlIgb0kyIAArsRdEA4LkvEOoPpOZibU1O8OFF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931db9aca573738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6A75 0
58 B 48ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame BC38 0
19 B 55ms
54ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:39 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 43ms
42ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 02 Feb 2023 09:21:39 GMT
server: ATS/9.1.10.25

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame A733 0
19 B 52ms
51ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:39 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 44ms
43ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vnexpress.net
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 02 Feb 2023 09:21:39 GMT
server: ATS/9.1.10.25

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B0B0 138 B
1 KB 40ms
40ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8e8a2e0b0d47db632c09375a0aca004c7003030d1dec0df66a067d7388fab376

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
AN-X-Request-Uuid: e49cc576-097e-4fda-b3d8-53a48ee11635
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content 322311 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame B0B0 0
982 B 197ms
53ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/322311?src_sys=prebid
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Feb 2023 09:21:39 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.005260
X-SpotX-Timing-Transform: 0.000300
X-SpotX-Timing-SpotMarket: 0.005260
X-SpotX-Timing-Page-Require: 0.000435
X-fe: 101
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.002398
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.010106
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000342
Last-Modified: Thu, 02 Feb 2023 09:21:39 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Exception: 0.000001
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000013
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.001355
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 182ms
182ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=27cd7793-2e18-40ec-a167-c07cf13c15dc
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://vnexpress.net
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 268ms
182ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=27cd7793-2e18-40ec-a167-c07cf13c15dc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://vnexpress.net
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 02 Feb 2023 09:21:39 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/ Frame 4BFB 261 KB
85 KB 46ms
46ms Script
text/javascript 2600:9000:206f:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50c610671f4eb4fbc4b59ccfb51f675a5753375b54a92ae09bdab34f0bf074fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:11:26 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-version-id: BL7bzpojsVs0A7uQm86NJhZU2BgGmPCd
last-modified: Thu, 02 Feb 2023 08:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 614
etag: W/"e18b58c84df6004a53a6c409998203b1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: _icf2hkuuhzNxUyuSFGg4TjdjdagrugrehRcKEJ93vZrEu_EqnFu0Q==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F403 17 KB
6 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:21:39 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 81C4 16 KB
6 KB 41ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99695
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

tag Show response
btloader.com/ Frame 0B4F
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

48ms
48ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2905
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SK8yr5dW3odlJ%2BjKJAh7BwnBSRnY3iz1gM3Dw%2FjKdAAlxd62ipfEDXC4WKms%2BgC72x99%2FlDZcatjp5wpb3mJ89rw2CkKh%2BXMYDiDUg1ZnnSKA5g2BBKha4mTqkGbXOc%2Fsdo8wiu1ThW6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931db9ccfb0925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2905
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FW9d0hqVFId0gWHpfPIPXaMRM6bJHtM4maKbQefMUd0yhxKEdc%2BVn9LHpzGewU2d8VZ4V5t0auPinMKNAbtZK2SpskbQ5pJJMoqmwUxZ5s2%2F%2BKy6jtAqCXAWRNVF4bRT93HlPKWIRq0jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931db9b5e1d925c-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 0B4F 54 KB
17 KB 47ms
45ms Script
application/javascript 104.103.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.89.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-89-173.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 02 Feb 2023 09:36:39 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 0B4F 32 KB
10 KB 42ms
41ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 987
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 5VstvQpdJ5xjuU1d-G5sRIS-AEty0iFR-ZU3UynxPK4Fdi_dJTK1gg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 0B4F 57 KB
17 KB 48ms
47ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 666
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931db9b5be83a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame F82B
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

52ms
52ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2905
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaOdzht0%2BioXZIKDxjiOhNuLf9fvij1X13sFtFBH2m%2FPEidH1GBleZmUBsqG0wvF60eWCpCDQmjA59hqingevB2PMiK8Tc1rDrI50sMeb9LmZqe7wBFJDGGdijaEeCschIULM4j%2FjCi58g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931db9cdfb1925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2905
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwkq9vWtT1UfXJIrFSLEfxVndTRLJxTHJoPiM62UErHhH1aFeKw7XgsFPwvuheRa9GDIjbluUqpSoWY7r0G%2BYqVktnGfH7aSJyWSBM4a7nkw%2Fcb22gm0L56JQyHmzFvzqju%2FXMLY0cAZuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931db9b7e2d925c-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame F82B 54 KB
17 KB 60ms
49ms Script
application/javascript 104.103.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.89.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-89-173.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 02 Feb 2023 09:36:39 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame F82B 32 KB
10 KB 57ms
47ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 987
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: D9ERzYffsUUl7QICYR-VicbWtD7jRa6fB0Titqm5CMInLGQqhEz7iw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame F82B 57 KB
16 KB 60ms
50ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 666
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931db9b7c093a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame 47E6
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

49ms
48ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2905
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsGzrtzU15%2Fvv3GAQR2DBG4tO3i7rimrNqyCtFtHqDCmiJdGZPekmA8l9G%2FIlmoB%2BGnu7FY%2FfRj5%2BBjf0pjGTxS8O2FUhW8R2sprF%2FEbzCgVfGhV4crFBVifHZECfLl081YGRP4AVqiH3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931db9cdfb3925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2905
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJdxGwFIp5FxG7QQxlOiINrKX09G27YqfZa%2FKFnQnJeqkqj1Un8HXHZbNFNPeT64tVvUf4jqnEyJPz1FPVD7XsbX%2FVWcO1mqNukgIDeYojTDoNB2yXBYBV%2BOGrONCUD8pEBiUppzTuPSjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931db9b7e2e925c-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 47E6 54 KB
17 KB 74ms
68ms Script
application/javascript 104.103.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.89.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-89-173.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 02 Feb 2023 09:36:39 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 47E6 32 KB
10 KB 55ms
48ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 987
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: Q6olVglGNw0hc_agVLvJpLOhpwzohBlpXsGYEeaPDf9Rgj5jY6TQXw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 47E6 57 KB
16 KB 58ms
53ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 666
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931db9b7c0b3a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame B5D8
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

51ms
50ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2905
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqx9X025JYuA7HtgtYiSzHuynvwpA54Mxckm4evpdwFsmYT%2FRb8otxjMLn11IaNNAaYt6DChtoLMgCmj71pcifUubEpvONoNlE176oaUlp3rJCmcLNzxzJpStR7CkxkgW9gf01kJCDAkWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931db9cdfb7925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2905
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFC7OCTbt4%2BVkzHxnC2EQSzQ%2BS2%2FmZXJJlKq2%2F%2F9hQW90RcHXJTCwqe8GWWToLTQtlbye2plVjp1nMi3DqOxELjwDnZjNAiTTNwa9U0Z3xtV0Sy1Z6iArrR495xUb2tOXq4TtacSdtt87Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931db9b7e2f925c-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame B5D8 54 KB
17 KB 61ms
56ms Script
application/javascript 104.103.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.89.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-89-173.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 02 Feb 2023 09:36:39 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame B5D8 32 KB
10 KB 54ms
50ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 987
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: YtEPPZQl9ifOqUksgmGGlmUG-XlzfvOaw9uaOAOGXmkD7lyejwbiSw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame B5D8 57 KB
16 KB 74ms
70ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 666
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931db9b7c0c3a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

POST
H/1.1 204
No Content multitracking Show response
ghb.hb.selectmedia.asia/adunit/ Frame F403 0
224 B 47ms
47ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/adunit/multitracking
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19390/hbw_master_310028_9674.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Thu, 02 Feb 2023 09:21:39 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A606
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wbr31b3c1qg

42 B
289 B

188ms
188ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wbr31b3c1qg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 09:21:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Thu, 02 Feb 2023 09:21:41 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wbr31b3c1qg
lws: 122
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2B4A
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:222BBC98D7834E92A7D7EA34DED433B2&gdpr=0&gdpr_consent=

1 B
53 B

47ms
46ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:222BBC98D7834E92A7D7EA34DED433B2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 09:21:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Wed, 01 Feb 2023 09:21:39 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:222BBC98D7834E92A7D7EA34DED433B2&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 6DDD
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

48ms
48ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:42 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:42 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 6DDD 95 B
382 B 155ms
56ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7931db9d1d5f2c6f-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame 6DDD
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018
https://a.audrte.com/p

68 B
424 B

118ms
117ms

Image
image/png

52.20.193.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 52.20.193.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-193-33.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 6DDD
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3525168638
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018

0
284 B

145ms
49ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 google
last-modified: Thu, 02 Feb 2023 09:21:39 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018
date: Thu, 02 Feb 2023 09:21:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 204 partner
sync.search.spotxchange.com/ 0
589 B 42ms
42ms Image
text/plain 185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 121
Connection: keep-alive
Content-Length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A84 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:19:06 GMT
expires: Fri, 02 Feb 2024 09:19:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 30BC 783 B
536 B 53ms
53ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1cb3b41e848a8552af2dc9475724bffbdcf6432cc0f8c037df9d44869fe4558

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H6PeSmQkbBTWNrYKAvWBlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-H6PeSmQkbBTWNrYKAvWBlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Thu, 02 Feb 2023 09:21:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
79 B 645ms
392ms XHR
text/plain 3.213.67.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.213.67.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-67-173.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 02 Feb 2023 09:21:39 GMT
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BFB 0
0 88ms
87ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjE335ts_4AYMFq9dQfLb9z-YBJaS1rsQo_xisz33Je1l612Sziq_ZdLRgm3q9GYCdby1jgBQkOuzY05RXL_n4gWO_U8KxHNWsrY6wpHDGJL1dvyuX3ElXKTdc9rzcLvoKKY7HgQ00YG3AEpqu1I1oLcNI6Q3MBQakfYBny3Zh40NtIRWV9ZrvasZKsF446Fj_wBZUlYcKwYOIoAtPgxeIjG0dOSKe-hB9dZe5TClkSxuSUlqHCjO77dHBoTunHbR40IHzHdelYe387TZM5IarEgfiE3Fb20xcIGiwRAEw4mDUDnxPXZ6IH8ImybLdfhOoDwDJBuDp&sai=AMfl-YQpcRso1IPqu2omU5uiJ-N61n-gKuMSnT75oOxVsPlVQMRVbvYZillP8fU4qeTei3PbCOsWDQyg6IgMNlkVRMH9QPfFP0zjg3R5YYCfPC0zApoveZOueLsWX1ALjNQ&sig=Cg0ArKJSzMgkatv6iqwkEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/ Frame 4BFB 22 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 22:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 22:19:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/ Frame 4BFB 3 KB
1 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 09:03:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4BFB 0
0 49ms
47ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkKAhhU1VaFNM3qqXU-XjNMPgprAKfF7UBxz3C5xBMnTpRsJk_JVVWC3tTeDgJLPEgvH64Z9S2yJizI8sCR8kgLEz1pg
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BFB 157 KB
48 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 09:21:39 GMT

GET
H3 200 15795645627278799334
tpc.googlesyndication.com/simgad/ Frame 4BFB 23 KB
23 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15795645627278799334

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 01:26:42 GMT
x-content-type-options: nosniff
age: 546897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23825
x-xss-protection: 0
last-modified: Mon, 08 Jun 2020 09:21:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jan 2024 01:26:42 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 0EBF 0
277 B 44ms
43ms Image
text/plain 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 02 Feb 2023 09:21:39 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 0B4F 60 B
331 B 57ms
57ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 929be4ed288c85a2fd199a9aa1d4fa4e1565909db2ac26626af7974aac62811b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.21.87
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F82B 60 B
332 B 57ms
56ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 137fd5e0750a649483b68b5371a65c6e4f1f9f761edae1709e6be149e03f4fe0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.26.206
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 47E6 60 B
331 B 63ms
63ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7d1c81e5b7af69b12d8517442b333d58af1b93c5a6ca9d5ffa160f57a859f56c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.6.51
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame B5D8 60 B
332 B 60ms
60ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 21b586df4ab69259bc47c8444944d45217fa16d8af32a4fb9ce07c47fb8048bb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.13.208
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 0EBF 0
239 B 41ms
41ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
DATA 200
OK truncated
/ Frame 4BFB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32253f400c1441b626d10a38021e603432b0f9dcc07d4ff8d4ee784af779bbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BFB 0
0 86ms
86ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMjaPj0fnn0w_oNxMp0wl7oJtrHtbVuiGT7GOVXv5Ys8cJGXZQHXbaZkDqW60dJVVQCFSjNdH6bjc-c-78HQXRbuMjwJInebdAVWGD387YreL-1v_5LTHKTV4SRSRxISc9dYENGXXHo3plUVIDNkpP0NPGrYcfa6dm1V_cI6Ty31xI6LXyCqboVA9uaWRIo7vwxH1u0ffKMkb6EuDGa-hJC7IQBPPXi2C5f1HXPCOgb24MQzi2c3r9X0Fvpk-Eqe2bbiDmx_ZQL-l404Fq4SMlmhbi-fiH04bJt4qdhZkI5K6p1-JbqrPEsLC9EUvF4x5b-mpvAkxxrbs&sai=AMfl-YS6yHG1H8ZJtmyzxFULXCB-YzqGc_tIWRoFHP_mifSIRhggOFTzp8WEyiBUSGyO6Iz8wP_Xx7CneMcvxBx6b_N01HfTXfZHc2gbIIVlTnaibUuj-_zvVsvdqmZRWNw&sig=Cg0ArKJSzIN95d3cuVOOEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Feb 2023 09:21:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 30BC 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=929719350594171&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A84 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 09:03:57 GMT

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 0EBF
Redirect Chain

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=2553896114296436170

86 B
812 B

42ms
41ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=2553896114296436170
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=2553896114296436170
date: Thu, 02 Feb 2023 09:21:39 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1A84 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UpgY1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F06D 52 KB
17 KB 40ms
40ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20350
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:39 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214730
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220052-HHN
X-Timer: S1675329700.641657,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 8481 3 KB
1 KB 45ms
45ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 937
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931db9eec283666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Thu, 02 Feb 2023 13:21:39 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CB4C 52 KB
17 KB 40ms
39ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20350
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:39 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214467
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220042-HHN
X-Timer: S1675329700.662633,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 733F 16 KB
6 KB 40ms
40ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99695
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C541 16 KB
6 KB 40ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99695
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7BA2 3 KB
1 KB 48ms
48ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 937
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931db9efc583666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Thu, 02 Feb 2023 13:21:39 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BCD0 52 KB
17 KB 48ms
39ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20350
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:39 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214732
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220052-HHN
X-Timer: S1675329700.687483,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F06D 0
858 B 71ms
71ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
AN-X-Request-Uuid: 4e4a4557-2995-4e03-a78b-296c7b3b22a2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CB4C 0
858 B 91ms
91ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
AN-X-Request-Uuid: 834b24da-e773-46ed-b9c3-3f09f44f746f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 8BC1 1 KB
1 KB 57ms
57ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06c9a0d9e87599148a500fb8473b52879d21a47aea312621a3f8ec85099ff061

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931db9f580b91de-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD%2BVLuwW3M%2BM%2FdCX2xCfeXBpsAxLhx6DJH%2BaPP0v2NM1cSK%2BNFKMRSldOwsKQ5Y1I1FxGhnjfmwV7MxqSZg22F24f4q6WdUpCM7i7Qan9MZk2IqdNCconS16CBYEFqPyPQEQKcSPjbjYyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 89E9 2 KB
1 KB 57ms
57ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8927332e6545a66e7cb5b9b72787a0027601d28e6d609819fde7921a7aabf1

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931db9f783491de-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKgHul%2FM4eIVEust8I4FbzhtnTVY3T1YHJZ11AjYvWVXB6y7l%2Bpo2T1G96M1Ls4BCdHLteRlr4ING5Rp7SyIu9LtSJ0KA%2BG8Pe5q%2B4wNCMI0NWFStleXTJt9v%2FTFVU2i6feuQvTAEUJBxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BCD0 0
858 B 47ms
39ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
AN-X-Request-Uuid: 9826c376-5a05-43f9-bb85-21fc12e0eef1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 0B4F 63 B
387 B 56ms
55ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e62a91c3692d1e66041b2ba675f8a41f01ffee742c5a5f4f80ee96406e12cba3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 04 Mar 2023 09:21:39 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame D770 3 KB
1 KB 46ms
45ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 937
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931db9f9d1b3666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Thu, 02 Feb 2023 13:21:39 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 814E 16 KB
6 KB 40ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99695
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1895 281 B
554 B 334ms
334ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 86CF 281 B
554 B 142ms
47ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:39 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8BC1 43 B
601 B 60ms
59ms Image
image/gif 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8BC1
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8020408773171338617

43 B
632 B

123ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8020408773171338617
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8c8ead5d-f378-482c-83e3-7aa01ed50e06
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8020408773171338617
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 8BC1 43 B
433 B 57ms
56ms Image
image/gif 54.154.174.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.174.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-174-88.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8BC1
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4183605280264715858

43 B
632 B

126ms
44ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4183605280264715858
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4183605280264715858
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8BC1 0
191 B 176ms
174ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:38 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 8BC1
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=

43 B
356 B

175ms
49ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=
Date: Thu, 02 Feb 2023 09:21:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 8BC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1

43 B
756 B

52ms
52ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2d%2BwcKaEJXKovbjgEqF5GBQyKfdIYI54Sr%2FpYGBahfYBDGUULMINvQXcqysxIIKLgN9HAXqQLTmyXy7ywYG8Fpa8B7cxu9yQLBebGgjR2Sc%2FUCYf0cqSkEWevU%2ByKXD99czQQH8vzn3Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7931dba018d691de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8BC1
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=14ddab16-bb90-41b6-afa3-a213f0e02b20

43 B
632 B

42ms
42ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=14ddab16-bb90-41b6-afa3-a213f0e02b20
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=14ddab16-bb90-41b6-afa3-a213f0e02b20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 8BC1 43 B
154 B 46ms
45ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12807
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931db9fce32373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:39 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 89E9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716

43 B
632 B

120ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: MT3 421 8749e8d master zrh-pixel-x28 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Feb 2023 09:21:38 GMT

GET
H2

200

Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 89E9
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

43 B
601 B

59ms
59ms

Image
image/gif

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 89E9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb

43 B
632 B

120ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-hhn-etou8220088-HHN
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675329700.838220,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 89E9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2553896114296436170&expiration=1676539299

43 B
632 B

120ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2553896114296436170&expiration=1676539299
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2553896114296436170&expiration=1676539299
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 89E9 0
191 B 174ms
173ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:38 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 89E9
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=85fb7ea3-82d2-4542-bd15-6f3517c04dc9

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=85fb7ea3-82d2-4542-bd15-6f3517c04dc9
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=85fb7ea3-82d2-4542-bd15-6f3517c04dc9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 89E9
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAA%261178
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f3f0648e-284d-425c-8489-e387fe78151b-tuctad50624

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f3f0648e-284d-425c-8489-e387fe78151b-tuctad50624
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f3f0648e-284d-425c-8489-e387fe78151b-tuctad50624
date: Thu, 02 Feb 2023 09:21:40 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41376

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 89E9 43 B
433 B 81ms
56ms Image
image/gif 54.154.174.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.174.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-174-88.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 89E9 43 B
103 B 46ms
45ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12807
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931db9ffe62373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:39 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 1F1F 1 KB
1 KB 53ms
53ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cffa87f7587b28bdeb17abd5bed81737fae74be6c4ea7d00cd6257cf376a0a2e

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931dba008be91de-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:39 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syM1%2BWbOjmedUl3CawiOXekx9NnW98Q5e4OD8wZX4HcDv5l9iIwpSgfR1UbmuzhjBjZmZzPqH9RicFn%2Fz25DxpXqdb31rnBy1vfHOiHmScIupCspk%2BarSfrfkez3Qzhs5hEHfIgE%2FQhA6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1F1F
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=R7U6AUm2ZwVc5DgAQ7JzUBPkPFdcszwHEuBJ6R8V

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=R7U6AUm2ZwVc5DgAQ7JzUBPkPFdcszwHEuBJ6R8V
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=R7U6AUm2ZwVc5DgAQ7JzUBPkPFdcszwHEuBJ6R8V
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1F1F
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=222BBC98D7834E92A7D7EA34DED433B2

43 B
632 B

59ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=222BBC98D7834E92A7D7EA34DED433B2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 02 Feb 2023 09:21:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=222BBC98D7834E92A7D7EA34DED433B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Feb 2023 09:21:39 GMT

GET
H2 200 bridge
cm.adgrx.com/ Frame 1F1F 43 B
282 B 44ms
42ms Image
image/gif 64.95.96.108
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-10
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 1F1F 42 B
181 B 202ms
54ms Image
image/gif 2a05:d018:cc3:fe04:3cd4:fa83:9893:2f4f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:3cd4:fa83:9893:2f4f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1F1F 0
191 B 173ms
172ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 1F1F 43 B
855 B 126ms
125ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E3XXF0D0KQ7MVKXZNVDZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1F1F
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4183605280264715858

43 B
632 B

67ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4183605280264715858
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4183605280264715858
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:39 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1F1F
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=8761308a-33e9-4281-90d8-a18a620d89d5

43 B
632 B

43ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=8761308a-33e9-4281-90d8-a18a620d89d5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690968100&external_user_id=8761308a-33e9-4281-90d8-a18a620d89d5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 1F1F 43 B
103 B 47ms
46ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:39 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12807
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931dba06ee0373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:39 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 86CF 34 KB
10 KB 53ms
53ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38192
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F403 0
0 76ms
76ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=929719350594171&bg=!ammlaS3NAAaq5O5FiuQ7ACkAdvg8Wh0ghFx7cNbZ2xqkx_xAXarZFzz1cWuDiVPCaCxLu3Lu4KfJrwIAAABOUgAAAARoAQcKAL6fdmI3O1yFDaGwLIx4jNYCn3PsE0WD6Y-GLYQ5evKAvm66m7y0yqA22-WtZj2Q7LhmUI0liVvqBiRoM5RBoaOVOtDcT-WBaoUOua5QNKN7OTwS6JnZA0vubgEyYuyBdhUax6mnDAWxcMNYp3o8FLWT5YuTMb3ISGKMFNITDQoZ9PwoX23iLV_fW-yBcBwrEuBHjNqM-2yTByh3qqsl8L7HB8rr1YrVOjYN8kWX0WrNO8WXKnwFmsJXnanIiB1RmQK-1OjmFmnfgE3a78f2lbPzZoA4YUmzq53PKM1zulDBAtiD-gFtUd3-bm52uhsJGN21pM6pyGWz2ntFsL1PTR2RLJjTga41uJ0N7a9HHvSEOPNyPl9DstHW2tB4tKsGnQ34ep0ef00j9seyP-1Wz2pozyopx_bPf9s7JvK7WTtquifuLYrpgbvgZ9KhzpU2qQBHPaE6i2SnZN6QZTbrZKJs1CnWXJHCSpgOPvpyyk4dN3G9D6t7E-N3rN5qfeiIWYHYmdVDDgLTbdbJWbGqhKJ0Nl5hGB4wpwlEvnS_YtWQQyMiwsXg_CgxVgHyolUAbby-DqiKt2pCcYBxJxz6zPpwYa3hepV1hj5FMlJUVB3Eofp-1PbIgyPuvX-e2Cv0GEWaHMrigxbU6icKNX8LUgaD-bdPVIT5YxJ8ZZkMUnw25kZS9HL3AzHW3XsHZJCXwqrCqEVevRGtuZ0AXDQLHfZi_XGeMwl00QrEsTYJAiogBe0URBD-knNQ_oQDrTb7rfGn8FPKTJMfd2OBOwGyZ0wNwuklpz9SAGibjCbcSBJguKnZRw8PVIShWpn-4-Nx5O46Ec7pqbrdnUISuJd0pvhtQ_Db2B4KxSufQOUuPu_UyH2vYu2gSrST5l3DbpmBByM3HbLwgT6Es6ZQdUW4fi37_P9S5b2rBPXDedWQH-f_h6NGExSF8zTCS7nlO8mmlCX6qE6MOHJ_HFewXQNOY9mwKYbnHCaAlQWTNloT1iHQv1t8m6U84gvZI2PDefn5QBU5Elvg_HagpPwIbHCR0lVyhdsem1sa8CLtY1A8euvgqGqyXXiiwKOM7Td4gjotv_SvRiGeresMx9qPZmRHgxSAy1YNJElGGhN-Lrz3ROv2PB8KgmG7MvbZwCzL-Y8tjm3FFfKtaxpWsPktnDhNSkUcLfQkGw1akC7qju_cK2Fc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1895 34 KB
10 KB 68ms
65ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38191
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:11 GMT

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 0B4F 36 B
505 B 75ms
74ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df568201140559383e6d69be09d8b72f5a1f0af22a9c121e1c3f15e674891fd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SlL8ZguUHNpNQ%2F0Bu6P0kHNXNtBbW3L5ztmz2DLcDNk6%2BG1S%2FBnj2OZ48SOoC6uOplQzjx7NLd0QZdGfcz4WeAHOtD7jpQMwxd%2FIKKBpg1sZDa%2FaDcKWde2mqE6dtzNnVcD%2BPT1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dba2fd873738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F82B 0
58 B 49ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B5D8 138 B
1 KB 40ms
40ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

770a5b74110559ebdd8bb15bc9fce215d604393b5366cedbbedaa3f15f66774e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
AN-X-Request-Uuid: ce22a459-44ba-478b-94a6-8ed18e84937c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 1D5E 173 B
401 B 42ms
42ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a3766fb87b2c8ed25f21f385eece51f43c4ae621e3205b534327bf344102c788

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame B2EA 36 B
502 B 64ms
64ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c82191d0ed080343fcc43c53f802af79501b559ac51c4f8f3408794f72b514

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEQMqe0q%2BG1Qktq%2BwZYNSen6XDguKU8XxRFTZ7l2GdIPzCaIbj%2B6UOscFrvEtrqV5z99jEbxa6UMKGnmQGtSFXxjXgdvriIEDi7ZGef4uOqyIxL4jKJBhXSfUuM2gw4eBeMmvACi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dba30d9e3738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C118 0
58 B 52ms
52ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 731E 137 B
1 KB 51ms
50ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f56dee178c034a8c543610ecd85a7e7492c406c0701e64bb60876858cb6ef29c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
AN-X-Request-Uuid: b656dc9f-567a-411d-8ded-0300c9e18b2b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 985B 173 B
402 B 50ms
49ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ea042675c5c4aba204553ff3c3b54c8c63f682da9b2ab280e4ebffca9009f906

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 47FF 36 B
501 B 52ms
52ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf3b4544ade7f5415c184cb0067c75c928b2dd800edf4113c14dd864a2ab487

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyR2WxZK8ij5D4x%2FRDM2rdoAjYcYuQ9ZNcDLcfmVpHCV76XO9Jo0ihUjgXBYkgTYCQXWpVQosgwVUlzkku2oaA2ppnw%2BezzJGodan31qJiI1T1%2FUUghyyA7uzqTFssdFW%2F0f3ctw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dba31dbb3738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 26BF 0
58 B 47ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A6C2 138 B
1 KB 45ms
45ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a5af3a3bde2a115fd5c59191c1641a1f88c2a3e1ecafad11406650bfdb684335

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
AN-X-Request-Uuid: 8e2c2122-d38a-432a-8824-fa9b929de5b0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 8AC5 173 B
401 B 42ms
42ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fb91146c3755b4b4377abee590e05a2d2ece4532fdeb87df870112333330b701

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame E4B7 36 B
501 B 53ms
53ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5685d282087ffa8a3291a2e52a09daeef87c017c787b14e1253bfc3127f0d1e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOFixAY8%2Bs6rcXkEnGIdxXx3T6Btx8AGBhqub5xEPAaEcUl9E7rspJ48gb0VsninonTLPzbNGkxNiYtbSInvNrGGXwc1bijXynRQgVX0pRI2ZX5vvjL4rxuAcoH%2FoC%2FhoKt%2F3Zmc"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dba32dcc3738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 4C14 0
58 B 59ms
58ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2745 138 B
1 KB 50ms
40ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b49dbd1478226923c5e7a7d5288d5927f0a6d6fcc02ac769f51ef223fdbc3dca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
AN-X-Request-Uuid: 1ccba25a-8cd3-404d-9fdd-3e8fa5cb8080
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 6A75 173 B
401 B 52ms
52ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8c3327dc28e14abca86b8926a477cf8388e8d285f9e7de60e554115fce927102

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame BC38 35 B
505 B 52ms
52ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b549413d338bbf4f013cf790218ee9230c8a5d8089b5bf6f16538405c7c383c6

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtTLz7556TLrKEjlr00%2FBRuraRIddTxXh3ZOhAecpJ3jW6XfVNanPP3hxyRkXHjm9KGpz9Q17ecDzzlAk%2B9xBxH3FFQxHusH8esrr%2BhE7%2BuBXXFU%2FsmuIKDbHH%2FLP7c8jFVGvY44"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dba33dd73738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
expires: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 47E6 2 KB
2 KB 45ms
45ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5332
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: 1m9yrO4GrJ9KPTqvLA3H8QZ4aV7T5ka_5q4bnKeNKbm5tSiqIMhnAQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 47E6 23 B
461 B 93ms
93ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=mJCKh0aGknyFj&cb=1&ws=0x0&v=23.127.1625&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 2KWZZKVXW168FKZNST8W
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: oOgk6TmBAJ-JcsMuxKmGGjYfiv-k0P_IyTBmbBthJoyLzCXWZBonhg==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A733 0
58 B 52ms
52ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 0B4F 2 KB
2 KB 45ms
45ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5332
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: sQT6LJ7KG1MRymRsn-PzdptVM-3CvxrX-J-Om_x6bUCXK-d--FvojA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 0B4F 23 B
460 B 100ms
99ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=9BIG22VLJ0qf6&cb=1&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 0Z7ECZ8MDD5AY8MYCPS8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: U1OF-rRpvTKjGjEnbH4yp-zR4N68ggPBAJjnss23DjdOuTFAIQbgyg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame F82B 2 KB
2 KB 44ms
44ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5332
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: wawRO8Eg-EbJ_IcelQxvA1R3rBeoghSC2BMN0RoUy0colNSuj2H9KQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame F82B 23 B
459 B 101ms
101ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=d3WMzenqwIPTI&cb=1&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: J9MAKGJ8BD7B8YKP4XWT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: eJ59s7Teym4dO8Qmc4FazulEcX-gGzqUwbu0P3rNNqBw1uKAu43oFg==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B0B0 138 B
1 KB 70ms
42ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b5163676c9199b668acfcbda386da55d52ead0ced94740e2f15ee38135e6a829

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
AN-X-Request-Uuid: 3c74de9e-42ec-4f6e-b917-d3b36a4a2d6b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B5D8 2 KB
2 KB 50ms
49ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5332
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: bexU6fCykdJqOzY5F6XxyUxF8n-llUiIN7w2ek9OFMp9HKuEJqylIw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame B5D8 23 B
461 B 103ms
96ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=PomRneScQrZ14&cb=1&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 1DGB44TWPYRMM7KEX6JN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XUHn9KUD-csBXNSdm6nclY0oLLrD4bX9rDBiH2_LpEsUMYGjDbXBTg==

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame B0B0 173 B
401 B 49ms
43ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5d1fe77378f45e6b0522d91539de73b05da7aea0d7b17cc14658da74fe920cdc

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2

200

tag Show response
btloader.com/ Frame 47E6
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

47ms
47ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2906
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PUU3yO806D8ZDTN0Q%2FUYIBW3vbeIMAuLoj30%2FXtZ%2BoCneatRbiNHagcPGwXiBUoHdqw1Nt8Zc899fXkPA9DTsSApHMysiKNghP8B%2BMdix1stlVuXPtF1jb43v3eXgtORohL%2Bhhh8YjHnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dba3edc5925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2906
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kk6LSasRcSNYIthFyLUQNul03Lsc%2FvAztg82XG3J4EZ0m%2BDSk5fLMaAjl9ZoR6FtBcf4OdulgFuM1%2F9ZC6ngTvSWFnnHkDA99AbFEXWT%2BS174tPrm8u%2FqeqkAEH75XoTnEvtN1Nj0Sjl3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dba39d79925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 47E6 32 KB
10 KB 45ms
45ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 988
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: Uw1yjmfyFBLG9pCCbEk5YOxrLROE2HEeU8kaLKd5Sa0OkO8SZNWVog==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 47E6 57 KB
16 KB 62ms
61ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 667
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dba39d6b3a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame 0B4F
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

48ms
45ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2906
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Erw8KPOG48TN%2FP%2FfPD%2FWuCzTIgy4ek8sQv0MCvfxRaIrBEmJWmgDbx0Ei8BhhqWW%2BzNhyDtRQrKp8iWkqvm0%2BmuWIxgR2huF6KO62%2Fhxe4ARdhSgG5AzQ91uC7z2ivBJVdqDbueOoAzLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dba3ddc3925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2906
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2m0FoDnhhAtQZn1gjwFRfF7MEU9N3uWN0o8Swae9YhiqKNJVx2cO9KqMrISZClJUpsBsSW%2FXQgLZxRXfHGCAtGCCxIq5flr11hXhluLTsRVtIZDvrniY6UDY7POp3HUmZA71HPijfDotQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dba39d7b925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 0B4F 32 KB
10 KB 49ms
48ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 988
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: CkhWNC4soE5VkRAT-jr1wBRqhpEtuX0JpVtrx1kIYylSO-Yqex9sCw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 0B4F 57 KB
16 KB 53ms
53ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 667
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dba39d6c3a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame F82B
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

53ms
52ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2906
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h91ozOZpYrq7xCOjWBC%2BSb8glTig9kqE3g2Uq%2BwdsKU7ogx6KkamVYFoesiibkkFHpdMHqUmP5xV8ZbR%2FlnP%2B2601285e0vKdouUP9t2JQOXkSWKtiIr7zlgWIqCSHp2wUZfyruud%2FZjXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dba3edc7925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2906
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsV%2Fj1MAyOYUQX4A6Mq8vSUI5Rf1qth%2F1ukOGdE1wrgsiXkUzY%2FodjhRVFs%2BX0m3qkJP9N4WEN2kweyxMfTUdpYsQFF30FqzLG76kuyR7jNImxJsvrz79wPhCARFy64FCmYTowCAO0YEgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dba39d7f925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame F82B 32 KB
10 KB 51ms
50ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 988
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: s3VJT0nrqoAtid3mHgxeg29zJ67Y9wkAIBXf6VqLfMKUUzIHJ_iRdw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame F82B 57 KB
17 KB 48ms
47ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 667
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dba39d6d3a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame B5D8
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

53ms
53ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2906
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuJiJy98GvnJLd0vG8tkjYrjIC%2FDGTnGaJZTEJhgdXO7moomOKgruszvrwzSSW4HQluEC3lQYQsvLUHMic%2BbiU%2Bx9xdJv3BbJCrpCOOV0UuDhKtKBwIWS4IwPnvzLTlQRpGCD4NVx6B5mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dba3edc6925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2906
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7DMyPkmg4BKEHzROp%2B01mmSsdGSi0eSTT6FqYrIb3yRawzZUmVN8grvDl0Ht%2F7SzHvqiSeOkgYlaZ0OnDZxa4ekTfdHm1KmbERTiutyB7Q0MR%2FQuonBa9s6ikk%2FXMgZrvLj%2FDXlNkF5FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dba39d82925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame B5D8 32 KB
10 KB 53ms
53ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 988
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: zumKIGuNYaasiKbf0eSM12feA5gF-x82FYkGB2ngNaSlryoXTLXSPg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame B5D8 57 KB
16 KB 53ms
52ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 667
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dba39d703a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 47E6 60 B
331 B 57ms
57ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 04380f376fb4116b7085221d87422e121462dcd44f85f87ce994da62b6d3f482

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.23.28
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 0B4F 60 B
331 B 62ms
62ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bafa57e61498861380e6a5faf365152043ed1c6e3bab985dbda8d1f8049c29a3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.22.86
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F82B 60 B
331 B 64ms
64ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ea4741057abb2afb4ab60ab26cd6bb192a32fb86694418d1354a84aac5ee79fe

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.9.78
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame B5D8 60 B
331 B 58ms
57ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8b515a98367192794cc4980ab7d6ef75ed8d89628d5d8c7b8f69e806080ff65e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.7.91
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F06D 0
858 B 59ms
59ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
AN-X-Request-Uuid: 5514fe36-3717-4175-b7a5-ef03eeb55cb7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CB4C 0
858 B 40ms
39ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
AN-X-Request-Uuid: 7003d6c3-b818-456c-b76b-8bc163f6c22a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BCD0 0
858 B 40ms
39ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:40 GMT
AN-X-Request-Uuid: ce8460f7-ddd0-4d9f-baab-6ed0850411b0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 182ms
182ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=a49ad26d-b85c-4fe1-9138-d9a966971840
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://vnexpress.net
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 183ms
183ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=a49ad26d-b85c-4fe1-9138-d9a966971840
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://vnexpress.net
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 02 Feb 2023 09:21:40 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9DD3 52 KB
17 KB 41ms
41ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20351
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214755
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220052-HHN
X-Timer: S1675329701.914161,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F210 281 B
554 B 71ms
70ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2997 16 KB
6 KB 41ms
40ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99694
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 896A 52 KB
17 KB 41ms
40ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20351
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214486
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220042-HHN
X-Timer: S1675329701.922883,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D242 281 B
554 B 60ms
58ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C61E 281 B
554 B 106ms
49ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 99B0 52 KB
17 KB 41ms
40ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20351
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 204662
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220087-HHN
X-Timer: S1675329701.931615,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0708 16 KB
6 KB 41ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99694
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2D52 3 KB
1 KB 46ms
46ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 938
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931dba6de303666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Thu, 02 Feb 2023 13:21:40 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3DC1 3 KB
1 KB 44ms
44ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 938
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931dba6de313666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Thu, 02 Feb 2023 13:21:40 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2D71 3 KB
1 KB 45ms
45ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 938
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931dba6ee3b3666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Thu, 02 Feb 2023 13:21:40 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5522 52 KB
17 KB 62ms
39ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20351
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214758
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220052-HHN
X-Timer: S1675329701.965328,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0765 281 B
554 B 110ms
64ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:41 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 87D4 3 KB
1 KB 47ms
46ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 938
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931dba6ee453666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Thu, 02 Feb 2023 13:21:40 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame ECCC 16 KB
6 KB 41ms
40ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99694
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 60EE 16 KB
6 KB 43ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99694
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 49ms
49ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvnexpress.net%2F&domain=vnexpress.net&bundle=A6cPZF8lMkJyQ0phN2tPRWQ5YVhLM3Nna0UlMkJLMWtYRFhMNXNvR2xPbjN6bkRCbnFDbndHM1BTMW4yRGRRJTJCJTJCbm1TMEdaalZZYTZuVE5UV2NSUDk4SHNPbERtSTI5aGRtaDRYZ1QxVmxoRiUyQkQwNWdwaDNWTzRxazU4QlpkTmdLd1ZZaGJiYlNpNVZNbiUyQnE5em9xZDRwdXM2NHlYU0ElM0QlM0Q&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 543175
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame F403
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvnexpress.net%2F&domain=vnexpress.net&bundle=A6cPZF8lMkJyQ0phN2tPRWQ5YVhLM3Nna0UlMkJLMWtYRFhMNXNvR2xPbjN6bkRCbnFDbndHM1BTMW4yRGRRJ...
https://mug.criteo.com/sid?cpp=4TkgvXxNRkVSK2NqRkkzNzhTZGZJeU1OeEcrK0NuK2N4YUNSSndaM2tmSk85VFJpY0o0OUpoMWtqdFc0ZjYzWEZieE00MnhvMEdnY3VyZGhqQzJabXRiL09JSmJmbjJBVHZQRzhFUGlnemdwOHEybm1wTkszMFMwU0k0R0...

429 B
701 B

46ms
45ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=4TkgvXxNRkVSK2NqRkkzNzhTZGZJeU1OeEcrK0NuK2N4YUNSSndaM2tmSk85VFJpY0o0OUpoMWtqdFc0ZjYzWEZieE00MnhvMEdnY3VyZGhqQzJabXRiL09JSmJmbjJBVHZQRzhFUGlnemdwOHEybm1wTkszMFMwU0k0R0l4TWZ5QVR0Unh3RzhmTEJPRll2U1VzTGw0M2JzUTNBRmMveFY4V0wxcnpKMFViTVY1WHUzcTlMWU5mT1VNQVJQYnZzRUlSZThKV0taSnNHckhkZDJIMTlZQ1NUNUZidnNpc0IwcXlGMy95SVQ2Z1Q5WDRjSDlwK0J6aDBEUzQ0VWZlTlIxa00wVnlIZ1ZQTFM0ZERxMW9HM1U3TExyQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

660e1b0568c9de24d049a1e423af249c780a7f4751e6b6e2c02d5433149cc4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1582567
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=4TkgvXxNRkVSK2NqRkkzNzhTZGZJeU1OeEcrK0NuK2N4YUNSSndaM2tmSk85VFJpY0o0OUpoMWtqdFc0ZjYzWEZieE00MnhvMEdnY3VyZGhqQzJabXRiL09JSmJmbjJBVHZQRzhFUGlnemdwOHEybm1wTkszMFMwU0k0R0l4TWZ5QVR0Unh3RzhmTEJPRll2U1VzTGw0M2JzUTNBRmMveFY4V0wxcnpKMFViTVY1WHUzcTlMWU5mT1VNQVJQYnZzRUlSZThKV0taSnNHckhkZDJIMTlZQ1NUNUZidnNpc0IwcXlGMy95SVQ2Z1Q5WDRjSDlwK0J6aDBEUzQ0VWZlTlIxa00wVnlIZ1ZQTFM0ZERxMW9HM1U3TExyQT09fA&cppv=2
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 486679
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ Frame F403 135 B
542 B 42ms
41ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame F403 63 B
387 B 58ms
57ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 0cb0fd4e468302bb36d8d5545140a987ba3d75262e2660543be3fbf98284c324

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 04 Mar 2023 09:21:40 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1CAA 52 KB
17 KB 53ms
40ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20351
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 02 Feb 2023 09:21:40 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 214487
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220042-HHN
X-Timer: S1675329701.968702,VS0,VE0

GET
H3 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 70BB 542 B
358 B 55ms
55ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 5420fc8b96e3c1839e484cd828339848f0ae4ace46bc7050064c0f9e1cd1381b

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 339
content-type: text/html
date: Thu, 02 Feb 2023 09:21:40 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 5F9C 542 B
358 B 53ms
53ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 5420fc8b96e3c1839e484cd828339848f0ae4ace46bc7050064c0f9e1cd1381b

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 339
content-type: text/html
date: Thu, 02 Feb 2023 09:21:40 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0049 281 B
554 B 113ms
48ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:41 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E3B3 16 KB
6 KB 44ms
40ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512&gdpr=0&gdpr_consent=
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99694
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 2D5E 37 B
139 B 45ms
42ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 02 Feb 2023 09:21:40 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7A42 3 KB
1 KB 51ms
49ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 938
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7931dba70e703666-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Thu, 02 Feb 2023 13:21:40 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D635 16 KB
6 KB 45ms
43ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512&gdpr=0&gdpr_consent=
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=99694
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: Fri, 03 Feb 2023 13:03:14 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame BA0C 0
0 42ms
41ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1675329696253&gdpr=0

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://vnexpress.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8603 281 B
554 B 135ms
64ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 09:21:41 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame 736F 86 B
944 B 42ms
42ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Thu, 02 Feb 2023 09:21:40 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9DD3 0
858 B 40ms
40ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: 53d6ee57-9db9-4fb5-aab0-4dc35d25f16c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F210 34 KB
10 KB 69ms
63ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38211
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:32 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 896A 0
858 B 41ms
40ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: f5aafb86-fd5f-4447-8780-40e792cb4b2d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D242 34 KB
10 KB 62ms
55ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38190
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:11 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame F403 33 B
400 B 41ms
40ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

d1720d8022d633ca297a9c5610c993c4c5f83a1fa432fd609aeadc137029245d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 99B0 0
858 B 43ms
43ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: 944f4a29-ec0a-4c08-a294-fec818198b49
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5F9C 43 B
146 B 52ms
51ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vgs8n95cpvd9006onalq37lnmcfj7mj2

GET
H2 200 e6295896-54dd-e10d-cf9a-d0ff964898c4
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5F9C 43 B
601 B 60ms
59ms Image
image/gif 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/e6295896-54dd-e10d-cf9a-d0ff964898c4?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 5F9C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Srlc5YIK1PnvMN5

43 B
61 B

49ms
49ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Srlc5YIK1PnvMN5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-00addc99944aa0913@us-west-2c@dxedge-app-us-west-2-prod-asg
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Srlc5YIK1PnvMN5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 5F9C
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=openx&gdpr=&gdpr_consent=

43 B
106 B

51ms
50ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=openx&gdpr=&gdpr_consent=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=openx&gdpr=&gdpr_consent=
Date: Thu, 02 Feb 2023 09:21:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 5F9C
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8020408773171338617

43 B
61 B

49ms
48ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8020408773171338617
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a169067f-9ef3-47a8-af01-18ce36d11caa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8020408773171338617
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ox
match.prod.bidr.io/cookie-sync/ Frame 5F9C 43 B
433 B 61ms
57ms Image
image/gif 54.154.174.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ox

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.174.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-174-88.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 70BB 43 B
133 B 50ms
50ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bi5bj3hi2ashmfogqp28a5cut27eou20

GET
H2 200 e6295896-54dd-e10d-cf9a-d0ff964898c4
pr-bh.ybp.yahoo.com/sync/openx/ Frame 70BB 43 B
601 B 62ms
61ms Image
image/gif 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/e6295896-54dd-e10d-cf9a-d0ff964898c4?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 70BB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hn5p7HJA1PnvMN5

43 B
61 B

48ms
48ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hn5p7HJA1PnvMN5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-0a70ab811f6c36e53@us-west-2a@dxedge-app-us-west-2-prod-asg
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hn5p7HJA1PnvMN5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 70BB
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=8491ec18-3234-4de8-968c-38edaa2a4cfb
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=8491ec18-3234-4de8-968c-38edaa2a4cfb
https://x.bidswitch.net/sync?dsp_id=4&user_id=76346aaa-eaff-42bd-abc8-025a87a19c77&ssp=openx&expires=30&user_group=5&bsw_param=8491ec18-3234-4de8-968c-38edaa2a4cfb
https://us-u.openx.net/w/1.0/sd?id=537072968&val=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&us_privacy=

43 B
61 B

48ms
48ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 02 Feb 2023 09:21:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 70BB
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8020408773171338617

43 B
61 B

55ms
55ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8020408773171338617
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 53f661f9-39d0-4d1c-9bd3-c43d282a7ccb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8020408773171338617
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ox
match.prod.bidr.io/cookie-sync/ Frame 70BB 43 B
433 B 58ms
54ms Image
image/gif 54.154.174.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ox

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a7cb6121-3156-4e96-99b9-1b6e2a8cbd99&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.174.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-174-88.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 2767 1 KB
1 KB 65ms
64ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c0c3559366209aa54bd95f5851d038d1f404cfcd2e7dfc2e095c0325c4a2d6a

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931dba81a5591de-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:41 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEreVMezKU4jMvs07DJGBEV43SU3WeOwXG96mUGh2kiyu75STomy9YjOBfTHHz0Cftf64jInsLI90HSAj7nI2kdgJE0Yfzxif9gahKhuBkE1BhzAzc%2FQUDKMe6zIC2w3OIO5w8NbUNi0Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame D36A 2 KB
1 KB 53ms
53ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcba6e21d3d0a00fee01da76b7a2e00c29ec76de4b80ef11e88f5114181c28a5

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931dba81a5791de-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:41 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqXBkziMAKbiliYsQs6RHUC%2F2pKVKjsz5vE8UVtuiLEtVp%2BATcttv1iHQT2w58h9HbM7GfZVT1bd3HPeF1yrHmi8JDJxalh639E4pefv13VHuUsrpVdlGZIbK1%2BYjLWxqchVC6BGkY6Mdw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 417F 2 KB
1 KB 55ms
55ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec00dddfa9ed84549c887466c81b94fdf284026900c0f7c139b3cfb1dcaaa19

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931dba81a5b91de-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:41 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRukH6RbFtcAyPzlI73ssVwOaIN9uO%2FnBUduiOU3azOiqIc7ujCUcFVVLXCu%2BwMjc0AzgVieOk%2BlVa3sZbxvUQUZCk5ZJcTElXdYgtUkHR191VldP1tv%2F6IhJWid%2F9gZGl6UyVxaEiu5wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C61E 34 KB
10 KB 209ms
209ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38190
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:11 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 50ms
50ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 02 Feb 2023 09:21:40 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 518582
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0765 34 KB
10 KB 71ms
70ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38211
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:32 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame D779 1 KB
1 KB 56ms
54ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe03c2341a57b7f908b7d4fddb609927a5047970ac0b274e6f58390d8ebe24ad

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931dba84a9791de-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:41 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qef8dEm%2FJG35oJh2UN%2BT%2FzlTjwZWLb%2FX%2B%2FFbDlXqr%2BQY6xDgKFjRYj6svNWxqHftQ6BHoQnXpiYk3C0mCS%2FJeW5Yh2nkljpHPzT2TYdY%2Bt3qiu1R0VPU9agfdbVQeF3I33n16CLKMpPtcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0049 34 KB
10 KB 119ms
118ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38190
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:11 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5522 0
858 B 40ms
40ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: 4a19a439-46a7-46ee-bb73-342ff1d0e1bd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1CAA 0
858 B 42ms
42ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: 13b3fe89-b821-4e44-b270-3c290f23cffe
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8603 34 KB
10 KB 50ms
49ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 20:00:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38211
Connection: keep-alive
Content-Length: 10036
Expires: Thu, 02 Feb 2023 19:58:32 GMT

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ Frame F403 216 B
623 B 42ms
41ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465369/hb_310028_9674.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e5041094c25edcd5cf33be262bd3f8713568213f47911119a5c81c197f1551ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 73B1 1 KB
1 KB 65ms
63ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa70a5530da74558842e2654ddc7a1c9ec51d15845529a76256ab0d1470cfedd

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7931dba88add91de-FRA
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 09:21:41 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2Bbm3A%2Bw8u7wVvLkByyYcEhjox%2Fxw9YIL78olhOQDaX0RPVL7s4n1GONesNUjwPxf8bF42FPr6BZoxiJ6n9R%2FtuYfDIX6Pd%2Blx14EltvWsp1ueVDIvN5xMif4EPYFauqjWLtSatnY1pq4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D36A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=v8T5eV5G1PnvMN5

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=v8T5eV5G1PnvMN5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-00addc99944aa0913@us-west-2c@dxedge-app-us-west-2-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=v8T5eV5G1PnvMN5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D36A
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559726171654486

43 B
632 B

42ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559726171654486
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559726171654486
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D36A
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=51901367-236c-404e-a3b7-6ffcffd9e748&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
632 B

64ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=51901367-236c-404e-a3b7-6ffcffd9e748&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=51901367-236c-404e-a3b7-6ffcffd9e748&us_privacy=null&gdpr_consent=null&gdpr=null
date: Thu, 02 Feb 2023 09:21:41 GMT
server: _
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D36A
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Thu, 02 Feb 2023 09:21:41 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D36A
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H3

200

rum
dsum.casalemedia.com/ Frame D36A
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=8491ec18-3234-4de8-968c-38edaa2a4cfb
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=8491ec18-3234-4de8-968c-38edaa2a4cfb
https://x.bidswitch.net/sync?dsp_id=4&user_id=73c049c6-3250-4974-a3cf-191778b3d884&ssp=index&expires=30&user_group=5&bsw_param=8491ec18-3234-4de8-968c-38edaa2a4cfb
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&us_privacy=

43 B
740 B

52ms
52ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8zSmcVytJ6QcNSV9BuZWE7VBymWTvgdGyqKRYuYL9n0pxJqo6mMT0Jrf7R9OgcKa2RVLbU%2FeVTsj03jemeZkFlnij5K2zAjoPIOKkiG01riHwHIRNxrrGdj306yyXmOfkNkBHvG"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7931dbb30d8c9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=8491ec18-3234-4de8-968c-38edaa2a4cfb&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 02 Feb 2023 09:21:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

crum
dsum.casalemedia.com/ Frame D36A
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3f355975-3a9e-83c4-7508ceea

43 B
778 B

67ms
67ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3f355975-3a9e-83c4-7508ceea
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoFvYHeEDbLHoNy0HUdE7t1URrIGYcCHIH8INTu%2FoVL0tmdgGSWv%2FzsPhbjxxniYX8f4wMn1k%2BqruV97t4u5%2F5L2eTt0RyJLdUwSf6sfv8IeBwl48D8tpJiocvlNEPxt6shNKQ9k"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7931dbaa9b1e9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3f355975-3a9e-83c4-7508ceea
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame D36A 42 B
180 B 63ms
58ms Image
image/gif 2a05:d018:cc3:fe04:3cd4:fa83:9893:2f4f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:3cd4:fa83:9893:2f4f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame D36A 43 B
154 B 51ms
47ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12809
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931dba8c8d0373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:41 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 417F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-hhn-etou8220088-HHN
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675329701.226368,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 417F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716

43 B
632 B

68ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: MT3 421 8749e8d master zrh-pixel-x13 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Feb 2023 09:21:40 GMT

GET
H2

200

Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 417F
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

43 B
601 B

58ms
58ms

Image
image/gif

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 417F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2553896114296436170&expiration=1676539301

43 B
632 B

107ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2553896114296436170&expiration=1676539301
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2553896114296436170&expiration=1676539301
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 417F
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y9uAnyBVIuDKP3EvlGRJRAAA%261178
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=48adea72-b7b2-4875-aed5-fa1241c214be-tuctad50625

43 B
632 B

116ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=48adea72-b7b2-4875-aed5-fa1241c214be-tuctad50625
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=48adea72-b7b2-4875-aed5-fa1241c214be-tuctad50625
date: Thu, 02 Feb 2023 09:21:41 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41365

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 417F
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=fd99fec2-0469-4f74-8efd-68f16f9374fd&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
632 B

63ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=fd99fec2-0469-4f74-8efd-68f16f9374fd&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=fd99fec2-0469-4f74-8efd-68f16f9374fd&us_privacy=null&gdpr_consent=null&gdpr=null
date: Thu, 02 Feb 2023 09:21:41 GMT
server: _
content-length: 0

GET
H2

200

crum
dsum.casalemedia.com/ Frame 417F
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8020408773171338617

43 B
540 B

56ms
54ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8020408773171338617
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJrxsZEH3NVkAFmli%2FqgMv3brsEBl2xdUzOwlBm0IokTem9PCWx2L4YGk6d4J7OegN2tfbOz%2Bdsq8akoWG%2B2ssjM0y9EYuZL2XfHc6vu3w0i1GC7S%2BNc9re%2FdyLLLeLOJ5JhGdGk"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7931dba92a67367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 30baf5b7-c695-4932-b3fe-f016f0be100c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8020408773171338617
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 417F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FpBhWDLtQUtX-mz1jJiV-VD_B2o

43 B
632 B

72ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FpBhWDLtQUtX-mz1jJiV-VD_B2o
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FpBhWDLtQUtX-mz1jJiV-VD_B2o
Date: Thu, 02 Feb 2023 09:21:41 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 417F 43 B
103 B 58ms
56ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12809
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931dba8c8d2373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:41 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 2767 0
0 147ms
48ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2767
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 02 Feb 2023 09:21:41 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 2767 70 B
264 B 58ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2767
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb

43 B
632 B

111ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-hhn-etou8220088-HHN
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675329701.249552,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9uAnwAAARH4SAAb
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 2767 43 B
433 B 67ms
57ms Image
image/gif 54.154.174.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.174.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-174-88.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame 2767
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=

43 B
61 B

50ms
49ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=
Date: Thu, 02 Feb 2023 09:21:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 2767
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1

43 B
751 B

113ms
113ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyWc9KfkRKYNIyh8l5JoSQR9VXgQm4UEXPL08sAAImcqxxACnLlfj9k2aUKJTz6Cv7DLidN%2Bbhgvd4ALS5KicDLgRPxnJN2RqQ8FWD31KiIUQs33WQIdOdmt6ikSaWKk9T%2B3nuF3zNMmaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7931dba92b7e91de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBnlg7yj06kGk1CZ9Avlk_k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2767
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716

43 B
632 B

106ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: MT3 421 8749e8d master zrh-pixel-x31 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=399063db-809f-4d00-94cd-150fa67a6716
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Feb 2023 09:21:40 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 2767 43 B
103 B 51ms
50ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12809
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931dba8c8e6373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:41 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame D779 0
0 136ms
50ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D779
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e223e47d8cf44f1c8d4ace8202940424&expiration=1677921701

43 B
632 B

93ms
42ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e223e47d8cf44f1c8d4ace8202940424&expiration=1677921701
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e223e47d8cf44f1c8d4ace8202940424&expiration=1677921701
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D779
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=493
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 02 Feb 2023 09:21:41 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D779 70 B
264 B 58ms
56ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D779 43 B
601 B 62ms
60ms Image
image/gif 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame D779 0
191 B 175ms
173ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame D779 43 B
433 B 69ms
57ms Image
image/gif 54.154.174.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.174.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-174-88.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame D779
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=

43 B
61 B

55ms
55ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8491ec18-3234-4de8-968c-38edaa2a4cfb&ssp=index&gdpr=&gdpr_consent=
Date: Thu, 02 Feb 2023 09:21:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame D779 43 B
103 B 48ms
46ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12809
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931dba8d8f0373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:41 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 73B1 0
0 108ms
49ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 73B1
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e223e47d8cf44f1c8d4ace8202940424&expiration=1677921701

43 B
632 B

105ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e223e47d8cf44f1c8d4ace8202940424&expiration=1677921701
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:40 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e223e47d8cf44f1c8d4ace8202940424&expiration=1677921701
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 73B1
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 02 Feb 2023 09:21:41 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178
dpm.demdex.net/ Frame 73B1 42 B
942 B 58ms
57ms Image
image/gif 54.72.53.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9uAnyBVIuDKP3EvlGRJRAAA%261178?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.53.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-53-159.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0284b356a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 693r9NgfRV8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

crum
dsum.casalemedia.com/ Frame 73B1
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8020408773171338617

43 B
313 B

63ms
61ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8020408773171338617
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qj38jCLet0wyqStXbt6Sw0YKcglAY96Jig2fSx0qTB%2B1r%2FPotHwP3V8yzgXNThgtt2gRJszcjxiig5lTXtAUy7aLt%2F16cL9Os5Q6YOriFkfWQx68naQdsSncy1Q0UF9PhvKnN9gn"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7931dba94a7a367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Thu, 02 Feb 2023 09:21:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4e3afce5-b47d-4248-b3be-c5ff783fdbc1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8020408773171338617
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 73B1
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

43 B
601 B

64ms
60ms

Image
image/gif

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y9uAnyBVIuDKP3EvlGRJRAAABJoAAAIB
date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 73B1 70 B
264 B 59ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 73B1
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559726171654485

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559726171654485
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=492
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559726171654485
Date: Thu, 02 Feb 2023 09:21:41 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 73B1 43 B
103 B 49ms
46ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9uAnyBVIuDKP3EvlGRJRAAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvnexpress.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12809
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7931dba90942373a-FRA
content-length: 43
expires: Fri, 03 Feb 2023 09:21:41 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6DDD 0
128 B 45ms
42ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 62978707
mc.yandex.com/watch/ 43 B
260 B 88ms
88ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/62978707?page-url=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&charset=utf-8&hittoken=1675329687_b3149f02ac34fcb8578c7104c00a40755a52fc643d43a3d25f5e5e1bf8d7b063&browser-info=nb%3A1%3Acl%3A2030%3Aar%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A1%3Als%3A1232692308569%3Ahid%3A684049679%3Az%3A0%3Ai%3A20230202092141%3Aet%3A1675329701%3Ac%3A1%3Arn%3A556462007%3Arqn%3A2%3Au%3A1675329686164661259%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C2351%2C7%2C9877%2C9877%2C31%2C4140%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1675329684069%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675329701&t=gdpr(14)clc(0-0-0)rqnt(2)lt(201100)aw(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 02-Feb-2023 09:21:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 09:21:41 GMT

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 0B4F 36 B
501 B 55ms
55ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b024f0fb2fd9d8fb3f473a214bc777b6421b651a0fe18dcd04295a08da687c7b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cy4gcLQwUmsJbe5UaltCW%2FrcP8TNr7A0M3h%2F%2FdyZhngISJ0ym%2F3orTGOqHIQHbKlSTNPy%2FQsoeD1Sr4tWIIsTDhewXlcIuMFQuIAi2hq0vbDsLGAbIifZyPaQJI1CiEzrGe2rTAe"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbaa5ea03738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F82B 0
58 B 50ms
49ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B5D8 138 B
1 KB 39ms
39ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b69e79b0a86909814b5e421bb7dab8c697c1ff2c2327a55295a4bd17792306b6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: 09002da8-5216-4c94-b317-3ca7b8b3f505
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST auction
prebid-server.rubiconproject.com/openrtb2/ Frame 1D5E 0
0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame B2EA 36 B
503 B 52ms
51ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a1a6a2d8d70e8dac8bfea5200a1528c413ef71521e023432533c3e6701cf014

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcqeSmFTK9z5ognpd3y%2BGXFUI%2FHX%2BOBVmEDXAJ2z77Mb1wuhhEOiMNaIqgtVLkWgV2%2B9%2FQDIzm%2BTa8zRoKlDn1FgzbRDMem2js65cKkkm81EPmVwY0b6itL9Mbnq8s7tHeQlb9rA"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbaa6eb03738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C118 0
58 B 47ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 731E 137 B
1 KB 124ms
124ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f9b19ed3646245ca5ee89c9816ce6a83edcd2e979c11867213dd8ccbe08fc2f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: 5be2d25f-bdf7-42f5-9d53-9391a398f2ca
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 985B 173 B
401 B 42ms
42ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3f9ee93f37a18288ee42e6ec6af7186a78242043ff30b99712f1a4bde044b1e7

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 47FF 36 B
499 B 58ms
58ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8822512bd165823c5bcf135749d738d43705b6b9efa63da4b384b56da9a5fe

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Szz2iqd1LZMh7hsViTfIcn5iVvzHLRUk%2FivLSrVTGmYyF6d59j6p7g5qXB5uqHJ0K26sHcehMJXtpcbHwEKwTgsnpHzIIzXh53cARRETseHrO%2B212towgTrBkcn5p%2BqB2FoHOo1G"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbaa7ebd3738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 26BF 0
58 B 54ms
54ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A6C2 138 B
1 KB 40ms
39ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c76138c42d5fa05bf780b452a1beb598e7b80c06fb79431ceed88d98fce5c199

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: a368f2f1-77d5-454b-bf5f-ff1752a52e43
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 8AC5 173 B
401 B 42ms
41ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 90b93ecdd3dbfedd362d3b364266079417a68d8fd54ea3b618f82a6989b4d29f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame E4B7 36 B
504 B 54ms
54ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e60fa42c67205cc4d3a116f3770a99c845e9886cfee52a6a74ed269f74746f81

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30TQk8%2FkeGQr4o3B8UUrm2aXOd7KOXyrMzVqDu6GKyS%2BN9ADkw3sMKt%2F8oe6f3VGwmaCHaqc1wlHHJ20vwywx7IZHZJAAiDbLUBJcP9gf%2FUx49Dhw5HkKA%2FqyL3nlnNeyiSluKQq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbaa7ece3738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 4C14 0
58 B 67ms
66ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2745 137 B
1 KB 46ms
46ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

989c5f5243ddad3c8cdfdfb1b96124a7ecfa1b653a6d41a0dda14f5407209fa2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: e86bd95a-278d-4925-bb40-3f75ea2269a6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 6A75 173 B
402 B 102ms
102ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5f0f2b86de84efed5be288eb4d18dca8ac1a879b763220b5ed1b8a9c490374dc

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame BC38 36 B
506 B 53ms
52ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19d7be25299976201093789505a7fd8a6684b63d5eb11cbf680604c542d9272b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBWZjKQCK1spqDnCu3fUkBsL%2BxPrvN8bfSQQHSpauFagM4BgODOWwZu2zp2ikAFfs5x70qJ8Pp02FVVW9S%2BPx7%2FM5nN9D%2BNRHyk6KuFpZ4vgY4TGODBHUuD4fJ5KCLKC%2FG4ckNY8"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbaa8ee33738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 47E6 2 KB
2 KB 44ms
44ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5333
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: zwdgpUx_vUdgTQ7O2FvEqEVrjYos7xqKO7lmNO1kfrmhiRvCDb_6bg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 47E6 23 B
459 B 100ms
98ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=mJCKh0aGknyFj&cb=2&ws=0x0&v=23.127.1625&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: V335Z8C20FNENQE177D8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 57fpqg1Mil-UttAn3vPM5NIKPvinbNEHq-X_wqIuuDnAyZMgoY7jXQ==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A733 0
58 B 58ms
57ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 0B4F 2 KB
2 KB 45ms
44ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5333
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: Q-5UZed9wHsokQ5Ppzs9ticFJNtOTJZF4zmoWGYqRJtHn8xoJE-IcQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 0B4F 23 B
461 B 97ms
96ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=9BIG22VLJ0qf6&cb=2&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: SBXE1QPEKJDYBCH1J60Q
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9HmLffBaTCJiFnA0CWQVEwFbIv3Sxg_9ouxCpWMEZWmh9kpW-Y_jtg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame F82B 2 KB
2 KB 44ms
44ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5333
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: fEcbNsrHyDMQbAIKRp8FJ92K98o06kLqRmLOvtpJu4sq97X1KZHZ8g==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame F82B 23 B
461 B 93ms
93ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=d3WMzenqwIPTI&cb=2&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: K7WXEQQ01E8HVRA8WNYK
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: jk0eTzWOfDnXtHwrV5GOWljL8sDdI_pyrKWxELlNWyFNGHGuHsvyfw==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B0B0 138 B
1 KB 40ms
40ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

95e62ce77bf423c94d33734d2d711a496b3e2d601f5e13212a3744393ae004dc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:41 GMT
AN-X-Request-Uuid: e2d212cd-5d4c-40b9-8ba8-a71e1e2d6ca2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B5D8 2 KB
2 KB 45ms
44ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5333
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: DhKPuGdjPZlqPmDXjxeJPiLWb_0nDVf4KqzvqKdIvp1cECszRrExUQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame B5D8 58 B
495 B 92ms
92ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=PomRneScQrZ14&cb=2&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

a6d67f1609a53af7e6c53cb2178b20dd9ffa85eff3c35b7184d73273684e30eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: Q012AF7H1BP2C0TN6YAB
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 58
x-amz-cf-id: 8lnHDVcLYcPPDCwrBIZcweNe9YuE5WPQM88dKpZHYOjnldPtZjASNw==

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame B0B0 173 B
400 B 46ms
45ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 54333a32d0fc2c3d5d5f5e5f20c1c299f570b29919354a7c554ee00b13364390

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H2

200

tag Show response
btloader.com/ Frame 47E6
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

49ms
48ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2907
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FlmYf4%2FNYtg6CV2P5aJ4Lz%2FZX9DS88cLdeGQ%2FwDYwLOGbh5xnj1LJ4jejbonhQqc1VhWpKMA1dFPbk01c3pzS1OHD4ZqqezjrZy2ffGPO5ZeEiepggZwHiuKca8kFs9XcOpzJDWqqtnRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dbab2cc7925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2907
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMV4%2BLH6PvlXx8uNe7R3BulidmkKP6J7hXPP1gJFLB%2BYzm61OzhzU0DhPrreHKf6qKF0pZndidYp%2Fwbqpf3Cy6hX0dHsumhSS4U0tD%2FHEc3xEoaKhD3FE0fCRUzvc9U0S3S4c9Kpz8wC%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dbaadc6f925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 47E6 32 KB
10 KB 42ms
40ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 989
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: WEsJdi49i5EPPPhJ4PUqTZJnrjUVLcULYSDVT3BCawLQAyfqSl7jbQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 47E6 57 KB
17 KB 48ms
46ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 668
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dbaaddc43a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame 0B4F
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

54ms
53ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2907
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHQvsXuV3U68%2FH%2B6o00%2BS49NZ3BSi3z4k8q2qe09Epn9nhy96udWuwx4HPsQw%2FKF1RsiAN2crO%2BYmvEiLULZBSWQWdq9lZyxvB9o476edM0lxRvjT5H9M4jlD0AGUUpjal9XI18Zf3oPSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dbab2cc9925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2907
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nm2lP7tvo0XkrzNi416XYguKVtnfNqZm2A5dW02EKkO4G7QJHEeFE2D9BcdC50tUGrOTNZAcV5Yr6i9HDfaV79YYGouHXVcCb3bXuIdblwxXF1uSxmrI%2FAPVCpSB2iH%2Fi48maFBCSDhnZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dbaadc74925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 0B4F 32 KB
10 KB 43ms
43ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 989
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: TtzBW-rmVWaJwIxswSvMK0FaOuY1QpIHnd8zz8kyTbmztNXXFHg4qQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 0B4F 57 KB
16 KB 58ms
58ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 668
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dbaaddc93a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame F82B
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

46ms
45ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2907
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNUhOvjR%2BMuKAR2h66w3a3r7zfYgC4aePjN%2FjCfQ%2B2suS2LYKQYEDOjO%2B5UuHff0z2DGbdlVWXCTz5b7Y%2BvwCdFjOPZ61DbP%2B1VzDJaxK8FNoUNemRzv9DHAPppU6MwVS7wRU3jHfNpVyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dbab2ccc925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2907
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeEPSp5v8jR%2FPl%2F5%2F%2BivxI3KeBRe0EDq58gzFFi8BYp3%2F5RkSplXZW4AMXYGgquJqEC1glJhyFThMSuW2w%2B9QwLcAk3viW4ME1p%2FmyKEHJH%2B%2BWqzL9CDHN1MqNZpBi%2BVzS3c4uPOAC4I5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dbaadc79925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame F82B 32 KB
10 KB 46ms
45ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 989
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: dTg1aTlmUANSyRjnoPp3-7t8Y7mExYHke497Ol-WrMvzxMxRx-Vr5g==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame F82B 57 KB
16 KB 52ms
50ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 668
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dbaaddcd3a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame B5D8
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

46ms
46ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2907
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lBv2RUmD95b3rRjqfulNz6HHCVDLUyKrovS8LzMVQuD%2FOUoxhkTq%2F0De07H%2Fx7ISRUej0506Wmh1VQQnPSzroyTIw1y7I%2BypN2nlRhK8rQvboLAyb56kd0Akhw6ppZwuKHev7T%2Fqz76gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dbab3cdf925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:41 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2907
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmXAAOXYTaAV11Rs2l9CfkQghn7mT91b1Qc%2FyrPG9sk%2B3B9VvpZAXCUIBK70xC0Ycrta4JWMuXwfZZzMeTYH4UzdOOpT%2BGGCoFykimNIfZUa4pm2lph49WH2yNg8vTqtSBrZDR4%2FLqKTGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dbaadc7d925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame B5D8 32 KB
10 KB 49ms
49ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 989
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: DtWZDR5iuyRCr9UQRUWMfIQ-MPvDbhjYl4BLt7qzNipqXaZpW9BgDA==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame B5D8 57 KB
16 KB 52ms
52ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 668
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dbaaddce3a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 47E6 60 B
332 B 58ms
57ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 97c5a68624bddd615aff05b8ce8d78c14a05a867da2f0be13e6662fd9f2caf94

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.27.149
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 0B4F 60 B
332 B 58ms
56ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6bf4ab9e4759467809324709ab92224120f5d32c8f63e1c96ee65cae052d116f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.17.211
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F82B 60 B
332 B 63ms
63ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fefa3e44148fa1c07e640123a9c481b8b0f6605ce078a509d6486986b56546cf

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.25.252
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame B5D8 60 B
332 B 90ms
90ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2d8104a7a6319424f9e6321b7b76cd476c121fa8ec31d6171b421d1e7fc0cb36

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.14.173
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 194ms
193ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=c0b5e7ef-1478-4aad-8fb7-67a48ceb8832
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 09:21:42 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://vnexpress.net
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 182ms
182ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=c0b5e7ef-1478-4aad-8fb7-67a48ceb8832
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://vnexpress.net
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 02 Feb 2023 09:21:41 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9DD3 0
858 B 40ms
39ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:42 GMT
AN-X-Request-Uuid: 25fc9801-a713-44b6-976e-ea5fabf2c094
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 896A 0
858 B 40ms
40ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:42 GMT
AN-X-Request-Uuid: c0238c1c-7744-42c5-843b-828d3552b438
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 99B0 0
858 B 79ms
78ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:42 GMT
AN-X-Request-Uuid: 02d6150d-bd6f-4eb8-9638-d9f3f88a5944
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5522 0
858 B 39ms
39ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:42 GMT
AN-X-Request-Uuid: 61adb7c9-dba4-4e95-b28b-7664d6186235
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1CAA 0
858 B 39ms
39ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:42 GMT
AN-X-Request-Uuid: 15079602-08ab-437b-b97f-ae13fb3c5873
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 81C4 188 B
557 B 45ms
45ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74952353&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 29cffc611bf15732567d87d8ef7d39905e560b459c9a4ebf7263365186008bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 02 Feb 2023 09:21:41 GMT
content-length: 188
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame 4FC5 86 B
1 KB 41ms
41ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Thu, 02 Feb 2023 09:21:42 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 81C4 49 B
265 B 56ms
54ms Image
image/gif 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.101
content-length: 49
expires: 0

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 183ms
182ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=76c49521-7434-4e40-a310-90faa0eeafe7
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://vnexpress.net
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 182ms
182ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=76c49521-7434-4e40-a310-90faa0eeafe7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://vnexpress.net
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 02 Feb 2023 09:21:47 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 0B4F 36 B
506 B 54ms
53ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a38801d0d39b80e0a3b16fc8c04925e9d3e855332d5d4414aa76bac593fd6059

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGkY%2F%2FF5Vgb61Lv7rOxD%2FkHWZIGQcTngMzSUDgJD%2FQZdNJDj95Yic7g9xrF%2FnOfW3xK282cBcLNzzJU4eUwF04OBliB3tZebFthgrG%2B8Y5TwLUG6HHOZTwp2i0Jck19%2F9RZ26qdm"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbd628043738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F82B 0
58 B 48ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B5D8 138 B
1 KB 42ms
41ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

35ea7d34e1a52acb15024c19163c61f8eb19f1a8b343ee498dd6be011040651b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:48 GMT
AN-X-Request-Uuid: bee29957-c240-4fd8-bdb0-37318131dfc9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 1D5E 173 B
402 B 43ms
42ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ed27a1a9e245e9eef8e661e586063ed23638888ef2876eeb418a7a5d4c1fceb3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame B2EA 36 B
504 B 57ms
56ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514d33c7b8367dc887e19256dafb8d80c63bb096e028fcc87de7416c4c420d3f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryEBM%2Fzd6OrOialZNlvR4bM%2B6wKjOz%2BjvoI%2Fz0CXjEg3yayG0NxgDB8EuL6z4txE7u%2Bv50EK4i3NIU1t9q7P4hsMU%2BEfH7ovJHCGo057CCM7r8dJHh7ujDKsf3iV28I3urvJVs2P"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbd638223738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C118 0
58 B 49ms
49ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 731E 139 B
1 KB 63ms
63ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1ab2ec3d41e851aa74e8b216a65811eb66c31e555b73dbff9e685c69e1700057

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:48 GMT
AN-X-Request-Uuid: de35af44-e680-4d91-a56e-1f61e6328b37
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 985B 173 B
400 B 42ms
42ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 92c5169362f92d33a5fdd7fa614f9b998fb55d103adba39c1564de1655ac5ce0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 47FF 36 B
509 B 56ms
55ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3807a2f696518bea1216bd274041aae2cbb9ba49dd63aec6afde7a37dad18a9a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2B8ZDvvzmtqEXIAIdye%2BfCaMlNyu7%2F2oRRFReNcmwAEnWe0W%2B2vfDqmZc%2FDUrdyZun%2Fzx82WUtJxlWUn5espGsYOZIXhR8kje%2FRXvLNkAT5Mjet57hS%2FMUM9GHnRurnzXCX8WpH0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbd648333738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 26BF 0
58 B 66ms
65ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A6C2 136 B
1 KB 40ms
40ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

212af3e250fccd144e4c944d50cb15b3db03ed4006b5f2f623b46af5c786f538

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:48 GMT
AN-X-Request-Uuid: 90bb82fd-5948-4b9d-8e9a-3afae5a712f2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 136
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 8AC5 173 B
400 B 45ms
45ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0ca701160a49e1c3e44f77b348b2c01eb50ffded4ba52fe0b716d783df516ef1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame E4B7 36 B
507 B 52ms
52ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d73b8f66df359abc961d9d9c8b77387638dc2e9267d6ce6ea74f64e6c3f41c0a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTLfkc5IYrYzPuKAm%2B%2FC8kMlgFkqoOTmzv17KjCluq7WPGbLOc%2FKVWRm4JI9bpEb3PohcCHYOd5j0UpMvMtBvL3bcvWyZwA2N4ZMHfFd0nvD3WMZEf%2Fa6fWxG%2FWeRjYYbql%2Bvenw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbd658463738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 4C14 0
58 B 67ms
66ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2745 139 B
1 KB 40ms
39ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

77a13543cccf522606dde792ef6dce3936ff4c4854796accdc998d48228837ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:48 GMT
AN-X-Request-Uuid: 6ef32885-bfc2-4071-b60c-4cc845fc7c29
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 6A75 173 B
401 B 59ms
59ms XHR
application/json 52.28.67.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aef011e8998c8833945ef2f6ab2c88d66136ab80c33ad978beaa21c9c7933b59

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
content-encoding: gzip
x-prebid: pbs-java/1.109.0
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame BC38 36 B
503 B 58ms
58ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=740311
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1520e3c95303a92140b5d502147a46a2f2823ed7914bba1897395c0ba036941

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WHoIUm0Z%2BrQVV2Vi5%2BUgWioFnSuz6MOKIVuJWbeKsp4Jwjf1jIW78QuHgzbQ8vVmA%2FZUSVBzhcinaaii9%2F5EQ0yY0w8a72F3bgo%2FTrciYyK8AQiUVZT8j%2FdtOypbe2fr4MXMgHE"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7931dbd668523738-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 47E6 2 KB
2 KB 45ms
45ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5340
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: FhOnKv6aeNHhZiqARXFu5Cjb8ajCA4dkmk4plphU_3nK_F4YW7pTnw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 47E6 23 B
458 B 95ms
95ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=mJCKh0aGknyFj&cb=3&ws=0x0&v=23.127.1625&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 4XM1C27SBWXSJ405RDAB
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 26o1tRAavf6i9VQFnMNLA6dH90d-VN3o0edXowUBVDinntzinWizSA==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A733 0
58 B 88ms
88ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Thu, 02 Feb 2023 09:21:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 0B4F 2 KB
2 KB 45ms
45ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5340
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: Zxwmi3_ZjXrvCYl4dkd4q_7ZMXW2ru8_zQ0dkCLP9QCU6koYr5sH8w==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 0B4F 23 B
460 B 95ms
95ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=9BIG22VLJ0qf6&cb=3&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: Z2EV61TSJRB55CQCV2V7
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xnjcmCWwtYgJXWf7DJnTltLyeDWDdB1ETwSV0kS_5SS1LcNHAcciDA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame F82B 2 KB
2 KB 45ms
45ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5340
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: P2SwEYZQk0QGlAQ_NP1gLEp0o7b627VLdzChwCERAV5yN5_QOA701Q==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame F82B 23 B
459 B 96ms
96ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=d3WMzenqwIPTI&cb=3&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 76VTXFSPXCSCJ5X9NXRB
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xRnsnpOaaY1bT89-Fhhhe3i4iF5v4JW7tl8XbqLEEyhOtonQ1s0pXg==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B0B0 138 B
1 KB 42ms
42ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4cff7e40a36a2101bc5c0c54c6251cff1b96a0e5d26b9fd40f23cbb7d072e50a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 09:21:48 GMT
AN-X-Request-Uuid: 5e308ffa-32d7-4025-a3dd-5a3ed59b11f9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B5D8 2 KB
2 KB 44ms
44ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvnexpress.net&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:52:47 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 5340
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1729
x-amz-cf-id: RXPPC-EPwd-RihAQd3fuL9fPocq02_IMNRgd9vY4iriRZ2tq2WVgPw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame B5D8 23 B
460 B 106ms
106ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvnexpress.net%2Fkenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html&pid=PomRneScQrZ14&cb=3&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A35%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: P2Y04PRN9DD8648A3R4E
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RvuSo9u-XMjHH_hdg4bNZuTVaVjCYAIUAx6oBYas_JF1ZKPFxAAp3A==

POST auction
prebid-server.rubiconproject.com/openrtb2/ Frame B0B0 0
0

GET
H2

200

tag Show response
btloader.com/ Frame 47E6
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

94ms
93ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2914
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BrN027ol7XgL4oMI2j0LUDqmVVUck5nPthbPY0IzFBN7KJRbuezJCfOAXtwFr0rD0PdJOM44m4pEwxdwK7WnH1bUulcoKtxKczGogxK2Bp%2BbzsAqRSb7W3TJhGCnwDu4Z43JnBktmdQWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dbd6faff925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2914
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc%2BvuNN4WbMKynvadBj21DlcO6kXnfQI2Y41MEVScIybsUzwYRVHLpIw3cjQTdO4GYP0p1dKVitmaNHhlyg308aJJryrlgg%2BAMMi%2BHIWI5wxu9sqvVnzj76a5MHfFW0FWnQ1nuxxJG7OaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dbd6aaba925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 47E6 32 KB
10 KB 42ms
41ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 996
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: VaUGrC_iSOsmTdkjV4qNEwB4tKp2e8Q8lJ1n6H2XxoNYxuVY6eil9Q==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 47E6 57 KB
17 KB 54ms
54ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 675
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dbd6aa943a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame 0B4F
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

120ms
120ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2914
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q07WBLYe5eXU7ZLFB0f%2BlcMTtS9LKNwrtZkN0My40NCxLDkFqlUjAxaToVr7Zh%2FYJNEAkZQjq6UYU3Xz0uOF1aIS%2B%2BgDGv2p5yMqRMrUkQ8Yu%2Fc3MKq7CurieKB0j47gCEW2%2B%2BoQTzS2kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dbd70b1d925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2914
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cO3g1mmu6zYru2Tg%2Fegj1rj7DgLytk8lB%2BjY8V%2BwRSsRVxEjGbYaruDav55OD0AwHRlDTa8D6%2Fufk6k6toYIsbEEG60pqyy9n3fR3lhgYkVELlKFWIG%2F2YDCh8RMHjIQUUjbA6vRPaD2lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dbd6bac9925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 0B4F 32 KB
10 KB 43ms
40ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 996
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 8RnzkJm3SmSUjGNTQF2L8XQ9lVRXdUEeFzzR_nJ4gNYKYPH6DojkQw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 0B4F 57 KB
16 KB 58ms
54ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 675
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dbd6baa23a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame F82B
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

198ms
198ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2914
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nobrutwjCPTldCC4%2BlxgljndbBebGJQYR14OcHZt8oy7nEBY6q3fXYYAOJF%2Bwf%2Bv7u9dd3s3Eruqyl0pUVb9maQGi%2FLC%2BwW8MxVAKALkGJJ4%2Bro4VzZejyxqo8mQ%2BGuhnnRx9Z2Q5iXnbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dbd70b1f925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2914
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be3IIlDwJcmc9nIY%2BgLCI1pxk4fgns0AMLxA1rtjvoufmLEy4ldBXyVD8qzTli8Y8nfOO8iIQ5OOrO5EQmejzbCK4m5vrc4IbnTIUHsV6NsnioA9ahIgsP4RMdGKRp7mBAGz1SJYTRFzFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dbd6cacc925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame F82B 32 KB
10 KB 47ms
44ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 996
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: anw7tQZkrEuDpfUoergs4CvAYFnYqUbniEMr2s9eajrIG9n6PuxJZg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame F82B 57 KB
16 KB 52ms
50ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 675
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dbd6caa53a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

GET
H2

200

tag Show response
btloader.com/ Frame B5D8
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

232ms
232ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 08:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2914
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpYKfUf3hmWZrzjVBvNvkpCLxGEN7sA9sbb2edvHHRZsu7u8ZwqEi%2BU4Tm%2BsugFdnbWrTsKK21R4n9zqE%2FDlWpYIGDAdNxJjaBCJPxszNt%2FLfXgW5Xx3IQHwQsm8A5GpJ8zu0HyFS95ung%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7931dbd71b27925c-FRA

Redirect headers

date: Thu, 02 Feb 2023 09:21:48 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2914
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmIKWk764A0oVp%2FnpWfPC9AFwDl9SBrRZZi2p5l9ByVHHtcDmtHjxqspRsU0EBbFjInfqVNP6Pa67%2BJE%2BEV7lg8QNkAO5WbCa7nZPmi3MFnMPcx%2F3kin8T34mNJJjMW4Fk8oUgzNqeDX1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7931dbd6cacd925c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame B5D8 32 KB
10 KB 49ms
48ms Script
text/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:05:13 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 996
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: vEkegKa7g1bZl20z-InkV8Quh3IH8-7QTSFkkwpPtQ1jdPZ5E9m2BQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame B5D8 57 KB
16 KB 58ms
57ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:21:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 0E04F52TYE5VAMTW
age: 675
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7931dbd6caa63a9a-FRA
x-amz-id-2: Bp+xey4r9SXmKbmghXKXolm26JKQ5NESSO51tjPqRVPJOE+xKhZaxewbHg+MDfxd0HWM+k2tWkeKtf5dGyCKDQ==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 47E6 60 B
332 B 57ms
57ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f1b0dd35272bbdce305b1f897b2f7cacff05f76c7aebc3607f90ee85fcdb1217

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.26.206
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 0B4F 60 B
331 B 58ms
57ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 23955e8c0b88fc8d07e81abb57d8ec739559e8489f8a5b7f85ea10e737757f48

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.6.51
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F82B 60 B
332 B 58ms
57ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9b7813bbbe3b9aeedd4199927426bcbefc21ec00c305838fa811339c4bba8bbb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.13.208
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame B5D8 60 B
332 B 56ms
56ms XHR
application/json 34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 695cb3c4e114679048f0fa8ad52fa2a184b920657da62f51963a25796daa6bbb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 09:21:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
x-server: 10.45.22.101
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 183ms
183ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=ee70235c-2fc0-419d-9390-67e7a2cf30fc
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 09:21:49 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://vnexpress.net
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 183ms
183ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1163&uuid=ee70235c-2fc0-419d-9390-67e7a2cf30fc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vnexpress.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://vnexpress.net
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 02 Feb 2023 09:21:48 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: g.eclick.vn
URL: http://g.eclick.vn/iplocation

Domain: prebid-server.rubiconproject.com
URL: https://prebid-server.rubiconproject.com/openrtb2/auction

Domain: prebid-server.rubiconproject.com
URL: https://prebid-server.rubiconproject.com/openrtb2/auction

Verdicts & Comments Add Verdict or Comment

337 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

152 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vnexpress.net/	1970-01-20 09:32:14	Name: device_env Value: 4
.vnexpress.net/	1970-01-20 09:32:14	Name: device_env_real Value: 4
.vnexpress.net/	1970-01-20 09:32:14	Name: sw_version Value: 1
.vnexpress.net/	1970-01-20 11:31:45	Name: _gcl_au Value: 1.1.1044808892.1675329686
.vnexpress.net/	1970-01-20 09:23:36	Name: _gid Value: GA1.2.36675206.1675329686
.vnexpress.net/	1970-01-20 09:22:09	Name: _gat_t3 Value: 1
.vnexpress.net/	1970-01-20 18:58:09	Name: _ga_DQJ7NF9DN2 Value: GS1.1.1675329685.1.0.1675329685.60.0.0
.vnexpress.net/	1970-01-20 18:58:09	Name: _ga Value: GA1.2.611417411.1675329686
.vnexpress.net/	1970-01-20 09:22:09	Name: _dc_gtm_UA-50285069-28 Value: 1
.vnexpress.net/	1970-01-20 18:07:45	Name: _ym_uid Value: 1675329686164661259
.vnexpress.net/	1970-01-20 18:07:45	Name: _ym_d Value: 1675329686
.mc.yandex.com/	1970-01-20 09:22:10	Name: sync_cookie_csrf Value: 4210340669fake
.mc.yandex.ru/	1970-01-20 09:22:10	Name: sync_cookie_csrf Value: 2320550993fake
.vnexpress.net/	1970-01-20 18:06:19	Name: fosp_uid Value: ek9st41vtq3wuoyy.1675329687.des
.vnexpress.net/	1970-01-20 18:06:19	Name: fosp_aid Value: ek9st41vtq3wuoyy.1675329687.des
.vnexpress.net/	1970-01-20 18:06:19	Name: orig_aid Value: ek9st41vtq3wuoyy.1675329687.des
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1533231675329687
.yandex.com/	1970-01-20 18:58:09	Name: i Value: R8Qus7SSpsFOOiPUz/qf8m/Ned401Ue8+i7VWlzE0jCk6Bd85LyM0WQb50mkaNqk9sDswCuj1SY/9B6/h2aG2WJEtew=
.yandex.com/	1970-01-20 18:07:45	Name: yandexuid Value: 9414204101675329687
.yandex.com/	1970-01-20 18:07:45	Name: yuidss Value: 9414204101675329687
.vnexpress.net/	1970-01-20 18:07:45	Name: fpt_uuid Value: %2272bba5da-85f5-4542-8b1f-a8f304ce6dc0%22
.vnexpress.net/	1970-01-20 18:07:45	Name: ajs_group_id Value: null
.vnexpress.net/	1970-01-20 09:23:36	Name: fosp_loc Value: 40622-0-DE
la2.vnecdn.net/	1970-01-20 10:05:21	Name: fosp_uid Value: ek9st41vtq3wuoyy.1675329687.des
la2.vnecdn.net/	1970-01-20 10:05:21	Name: fosp_aid Value: ek9st41vtq3wuoyy.1675329687.des
la2.vnecdn.net/	1970-01-20 10:05:21	Name: orig_aid Value: ek9st41vtq3wuoyy.1675329687.des
.octopus-stream01-cads.fpt.vn/	1970-01-20 18:58:09	Name: cdp_uuid Value: 72bba5da-85f5-4542-8b1f-a8f304ce6dc0
.vnexpress.net/	1970-01-20 09:23:21	Name: _ym_isad Value: 2
.vnexpress.net/	1970-01-20 09:22:11	Name: _ym_visorc Value: b
.vnexpress.net/	1970-01-20 09:23:02	Name: display_cpd Value: 5
.spotxchange.com/	1970-01-20 10:02:28	Name: audience Value: f948d46c-a2da-11ed-8db3-1860f0710206
adp.vnecdn.net/	1970-01-20 10:05:21	Name: fosp_uid Value: ek9st41vtq3wuoyy.1675329687.des
adp.vnecdn.net/	1970-01-20 10:05:21	Name: orig_aid Value: ek9st41vtq3wuoyy.1675329687.des
adp.vnecdn.net/	1970-01-20 10:05:21	Name: fosp_aid Value: ek9st41vtq3wuoyy.1675329687.des
.adp.vnecdn.net/	1970-01-20 18:06:19	Name: fosp_uid Value: ek9st41vtq3wuoyy.1675329687.des
.adp.vnecdn.net/	1970-01-20 18:06:19	Name: fosp_aid Value: ek9st41vtq3wuoyy.1675329687.des
.adp.vnecdn.net/	1970-01-20 18:06:19	Name: orig_aid Value: ek9st41vtq3wuoyy.1675329687.des
vnexpress.net/	1970-01-20 18:07:45	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D79cfba38-7e45-4eae-bb73-24abf4ffda79-tuctad50619
.vnexpress.net/	1970-01-20 18:07:45	Name: login_system Value: 1
vnexpress.net/	1970-01-20 09:23:02	Name: _ps_track_ek9st41vtq3wuoyy.1675329687.des Value: 0
vnexpress.net/	1970-01-20 09:24:28	Name: _gtm_ps_track Value: 0
.vnexpress.net/	1970-01-20 18:43:45	Name: __gads Value: ID=c6e5b1dc46c14ea8:T=1675329690:S=ALNI_Ma3MoCjsKMaLWlGwWbHt0FY-rQzlw
.vnexpress.net/	1970-01-20 18:43:45	Name: __gpi Value: UID=00000bae12e6a6e5:T=1675329690:RT=1675329690:S=ALNI_MYORA8NesIqT39p8SOl4l9sop8_LA
.vnexpress.net/	1970-01-20 09:22:09	Name: _gat_UA-50285069-28 Value: 1
.vnexpress.net/	1970-01-20 09:22:09	Name: _gat_UA-169360081-2 Value: 1
.doubleclick.net/	1970-01-20 18:43:45	Name: IDE Value: AHWqTUlk5rLR_Cy7VUDJRhBuzGGY-kjrK2p1VzZKboGOeezJnj6SeuiCYxRKApVUkjk
.vnexpress.net/	1970-01-20 18:58:09	Name: _ga_57577CKS2C Value: GS1.1.1675329686.1.0.1675329690.56.0.0
usi-saas.vnexpress.net/	1970-01-20 09:22:11	Name: usi.saas Value: s%3Adc17FGrdhQ1md7ONbyAxCAuDbpUiZOPR.x0tX6n7Bus9mdKDzcEeEAWJt8%2Fec8%2FzXuESHBHhnrh0
.doubleclick.net/	1970-01-20 09:22:13	Name: DSID Value: NO_DATA
.vnexpress.net/	1970-01-20 18:07:45	Name: _pubcid Value: a142018b-6df6-4cb3-a49b-0ee20d386670
.yahoo.com/	1970-01-20 18:08:07	Name: A3 Value: d=AQABBJuA22MCEILSkgxNUD8hOmGzkdbJq_AFEgEBAQHS3GPlYwAAAAAA_eMAAA&S=AQAAAt25TZASsQt8QUSXUQv6kO0
.openx.net/	1970-01-20 18:07:45	Name: i Value: a142018b-6df6-4cb3-a49b-0ee20d386670\|1675329691
.rubiconproject.com/	1970-01-20 18:07:45	Name: khaos Value: LDMW1JDM-1X-25TE
.rubiconproject.com/	1970-01-20 18:07:45	Name: audit Value: 1\|hLZGFuTafB3+Jux3/lwleANb0fGVcfL/XWaA1sYWTLGb55ZO9yeic8DEcv8dEWKTznzDuMGFmUi4+2uykD6Fnxwcea/b3NSzQ8gcjdrR8dE=
rt.ad-score.com/	1970-01-20 18:58:09	Name: token Value: GsyzodnfnKoxX-0mr3-LNUtgFjSRRapO
.lijit.com/	1970-01-20 18:07:45	Name: ljt_reader Value: GFqxpBZHMRgUNAeTSYioVoxk
.pubmatic.com/	1970-01-20 18:07:45	Name: KADUSERCOOKIE Value: DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018
.criteo.com/	1970-01-20 18:43:45	Name: uid Value: 3533467e-0970-41ad-85d6-d3a33aa46cc7
.adnxs.com/	1970-01-20 11:31:45	Name: uuid2 Value: 8020408773171338617
a-prebid.vidoomy.com/	1970-01-20 11:31:45	Name: SSCookie Value: 1
.adform.net/	1970-01-20 10:02:28	Name: C Value: 1
.vidoomy.com/	1970-01-20 11:31:45	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI4MDIwNDA4NzczMTcxMzM4NjE3IiwiZXhwaXJlcyI6IjIwMjMtMDItMTZUMDk6MjE6MzUuMzQ1NDY5MjY4WiJ9LCJ2ZXJpem9ubWVkaWEiOnsidWlkIjoieS1pMlJXNDZwRTJ1SDh3cUtLUGtQS2tmS3NBUHZibG5fM21YN24zbEEtfkEiLCJleHBpcmVzIjoiMjAyMy0wMi0xNlQwOToyMTozNS40MTg1NDg4MzJaIn19LCJiZGF5IjoiMjAyMy0wMi0wMlQwOToyMTozNS4zNDU0NjcyMTJaIn0=
.adform.net/	1970-01-20 10:48:33	Name: uid Value: 2553896114296436170
.mathtag.com/	1970-01-20 18:48:04	Name: uuid Value: 399063db-809f-4d00-94cd-150fa67a6716
.casalemedia.com/	1970-01-20 18:07:45	Name: CMID Value: Y9uAnyBVIuDKP3EvlGRJRAAA
.casalemedia.com/	1970-01-20 11:31:45	Name: CMPS Value: 1178
.casalemedia.com/	1970-01-20 11:31:45	Name: CMPRO Value: 1178
ads.playground.xyz/	1970-01-20 09:31:52	Name: connect.sid Value: s%3AjrwFDx7JbmSuh4Orq6OVwn8WMrC0ofnm.ULSNhLKpxaG1fl5bm1UZVinrCwrhXTo%2Be%2F%2FQDtBqWe0
.fiftyt.com/	1970-01-20 18:07:45	Name: fifid Value: 7cfb58b0-896c-4aa7-61d1-b6eb9c83a19e
.fiftyt.com/	1970-01-20 18:07:45	Name: cs Value: MTY3NTMyOTY5NXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fJAWGs9nY0Qoj63tYmksjBMJV2Q5BEduaI5GlSo5tC47
.simpli.fi/	1970-01-20 18:09:12	Name: suid Value: 222BBC98D7834E92A7D7EA34DED433B2
.adfarm1.adition.com/	1970-01-20 11:31:45	Name: UserID1 Value: 7195486250077649048
.de17a.com/	1970-01-20 18:00:33	Name: guid Value: 1.6375948229622613576
.quantserve.com/	1970-01-20 18:52:24	Name: mc Value: 63db809f-bfc24-3bbb4-5bdcf
.demdex.net/	1970-01-20 13:41:21	Name: demdex Value: 66270933442906208390361705668996923162
.everesttech.net/	1970-01-20 18:07:45	Name: everest_g_v2 Value: g_surferid~Y9uAnwAAARH4SAAb
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_57 Value: 22776-8020408773171338617&KRTB&23339-8020408773171338617
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_1101 Value: 23040-7195486250077649048&KRTB&23278-7195486250077649048&KRTB&23369-7195486250077649048
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_27 Value: 16735-uid:399063db-809f-4d00-94cd-150fa67a6716&KRTB&16736-uid:399063db-809f-4d00-94cd-150fa67a6716&KRTB&23019-uid:399063db-809f-4d00-94cd-150fa67a6716&KRTB&23114-uid:399063db-809f-4d00-94cd-150fa67a6716
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_391 Value: 22924-2553896114296436170&KRTB&23263-2553896114296436170
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_80 Value: 22987-CAESEPhs9LUk_dLJj_KydSyFnvI&KRTB&16514-CAESEPhs9LUk_dLJj_KydSyFnvI&KRTB&23025-CAESEPhs9LUk_dLJj_KydSyFnvI&KRTB&23386-CAESEPhs9LUk_dLJj_KydSyFnvI
.fiftyt.com/	1970-01-20 09:32:14	Name: fppm Value: 20230202092135
.dpm.demdex.net/	1970-01-20 13:41:21	Name: dpm Value: 66270933442906208390361705668996923162
.bidr.io/	1970-01-20 18:50:39	Name: bito Value: AACOAU7HtwEAACAr1YaHRg
.bidr.io/	1970-01-20 18:50:39	Name: bitoIsSecure Value: ok
.as.ck-ie.com/	1970-01-20 09:32:14	Name: CID Value: 48c4206992f3d61d3cc5f476605bbec3142dea45
.adsby.bidtheatre.com/	1970-01-20 09:32:14	Name: __kuid Value: 6572a6f2-c382-422d-a86d-c9110eee5cf8.444543696
.onaudience.com/	1970-01-20 09:23:36	Name: done_redirects104 Value: 1
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_153 Value: 1923-UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg&KRTB&19420-UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg&KRTB&22979-UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg&KRTB&23403-UfbvsV_1srVKp-2xBPymsVXws-tK8O3hAv2exMAg
.1rx.io/	1970-01-20 18:07:45	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-c7613e13-5ff5-4541-a08f-522074c6b340-005%22%2C%22zdxidn%22%3A%222137%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D%22%7D
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_336 Value: 5844-6375948229622613576
.amazon-adsystem.com/	1970-01-20 18:58:09	Name: ad-privacy Value: 0
.onaudience.com/	1970-01-20 18:07:45	Name: cookie Value: 8e6f4cf1bc6a0874
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:07:45	Name: bcookie Value: "v=2&e2dbf3c6-1ed5-4bc5-802b-d1202821734d"
.linkedin.com/	1970-01-20 13:41:21	Name: li_gc Value: MTswOzE2NzUzMjk2OTY7MjswMjEdnL7lfjpFM6u6B3Hg4sIF/KySzyFpEphcHDy2WLHJKw==
.linkedin.com/	1970-01-20 09:23:36	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2701:u=1:x=1:i=1675329696:t=1675416096:v=2:sig=AQErkP4NUTWkbQDqj19Q7DSoY7B6kAfa"
.turn.com/	1970-01-20 13:41:21	Name: uid Value: 4183605280264715858
.tribalfusion.com/	1970-01-20 11:31:45	Name: ANON_ID Value: agnsIHSkTsfAutomjt9if8BZcrDJ3SopfOnQTZaZdgSgZaDWU8VN6XU16FcGHfLjL3y8qpa6mYyaIJcubhUUnQnNo7e7
.bidswitch.net/	1970-01-20 18:07:45	Name: c Value: 1675329696
.bidswitch.net/	1970-01-20 18:07:45	Name: tuuid_lu Value: 1675329696
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_22 Value: 14911-4183605280264715858&KRTB&23150-4183605280264715858
.amazon-adsystem.com/	1970-01-20 15:09:12	Name: ad-id Value: Awe96erkEUUisNTbX7TeU4k
.bidswitch.net/	1970-01-20 18:07:45	Name: tuuid Value: 8491ec18-3234-4de8-968c-38edaa2a4cfb
sync.srv.stackadapt.com/	1970-01-20 18:07:45	Name: sa-user-id Value: s%3A0-16906158-32ed-414b-57fa-6cf58c9895f9.rUySv59aywm5fOCtS4N75MaghCPD%2BzbtEMPgis6IXks
.srv.stackadapt.com/	1970-01-20 18:07:45	Name: sa-user-id-v2 Value: s%3AFpBhWDLtQUtX-mz1jJiV-VD_B2o.uxGVh9hFfGDaLjRMeP98sCZGEb%2FsHzridY0jfH7p%2BEM
.smartadserver.com/	1970-01-20 18:52:24	Name: pid Value: 1232672149992059140
.smartadserver.com/	1970-01-20 18:52:24	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 18:07:45	Name: csync Value: 127:AACOAU7HtwEAACAr1YaHRg
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_860 Value: 16335-FpBhWDLtQUtX-mz1jJiV-VD_B2o&KRTB&23334-FpBhWDLtQUtX-mz1jJiV-VD_B2o&KRTB&23417-FpBhWDLtQUtX-mz1jJiV-VD_B2o&KRTB&23426-FpBhWDLtQUtX-mz1jJiV-VD_B2o
ads.avct.cloud/	1970-01-20 18:07:45	Name: uuid Value: 85ffb688-ad27-4215-a6a0-a5fee99999a2
.vidoomy.com/	1970-01-20 18:07:45	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjBmYTA4NjliLTZlZWMtNDkzNi1hOTFlLWNiNjY2MjBkYjBlOSIsImV4cGlyZXMiOjE2Nzc5MjE2OTZ9fX0=
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 8f9618d95989f88d
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_699 Value: 22727-AACOAU7HtwEAACAr1YaHRg
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_466 Value: 16530-8491ec18-3234-4de8-968c-38edaa2a4cfb
vnexpress.net/	1970-01-20 10:05:21	Name: _pbjs_userid_consent_data Value: 3524755945110770
.pubmatic.com/	1970-01-20 11:31:45	Name: SyncRTB3 Value: 1676505600%3A22_7_254_99_220_54_161_165_233_81_88_176_204_71_13_56_243_166_251_214_8_3_234_55_238_21%7C1675900800%3A15_223_2%7C1680480000%3A69%7C1676160000%3A63%7C1677888000%3A203%7C1676592000%3A35
.weborama.fr/	1970-01-20 18:48:04	Name: AFFICHE_W Value: HXLEDHHvIggd42
.zeotap.com/	1970-01-20 18:07:45	Name: zc Value: c59ccfcf-d4d2-46eb-5d32-08e94e0d1a1f
.semasio.net/	1970-01-20 18:07:45	Name: SEUNCY Value: B48AAAE307B26526
.audrte.com/	1970-01-20 09:43:45	Name: arcki2 Value: 7d9ct0MW1l4SR661L-h0bcXXw!20220908!1675329699686!ip#80.255.7.106
.audrte.com/	1970-01-20 09:43:45	Name: arcki2_pubmatic Value: DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018!20220908!1675329699689
.analytics.yahoo.com/	1970-01-20 18:07:45	Name: IDSYNC Value: "195v~29rl:18z8~29rl:175w~29rl"
.gammaplatform.com/	1970-01-20 09:23:36	Name: _aGeoIp Value: JP\|Nagoya
.gammaplatform.com/	1970-01-20 18:58:09	Name: _aUID Value: 1wbr31b3c1qg
.company-target.com/	1970-01-20 18:58:09	Name: tuuid_lu Value: 1675329700
.company-target.com/	1970-01-20 18:58:09	Name: tuuid Value: 14ddab16-bb90-41b6-afa3-a213f0e02b20
.quantserve.com/	1970-01-20 11:31:45	Name: d Value: EDABEwGZKIqsMK67gQA
.pubmatic.com/	1970-01-20 10:05:21	Name: KRTBCOOKIE_1310 Value: 23431-1wbr31b3c1qg&KRTB&23446-1wbr31b3c1qg
.pubmatic.com/	1970-01-20 10:05:21	Name: PugT Value: 1675329699
.openx.net/	1970-01-20 09:43:45	Name: pd Value: v2\|1675329695.5\|kiiygevNgun0.gqsLommOnsgi
vnexpress.net/	1970-01-20 10:48:33	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-02T09%3A21%3A40%22%7D
.vnexpress.net/	1970-01-20 18:43:45	Name: cto_bundle Value: _IINlV8lMkJyQ0phN2tPRWQ5YVhLM3Nna0UlMkJLM2Q5RU5zNmNrbGdCMHNxaCUyRjkzb091WkJvR3BHME9WNkllR0lWNzlMT1dURzlSUTRWY1REV0xXVHM3eExZek5PNnZ0OHJNN2VISG5NR2hSSE0xVDlSQmJsb2RkJTJCTElnZWhEaWR4UW1YMmgwRWtXRXFzWkVpWWNTdVlUM1dkdktXZyUzRCUzRA
.vnexpress.net/	1970-01-20 18:43:45	Name: cto_bidid Value: 2H1ufF9LejhCNmFCZmFLJTJGNiUyQmlkeGllcUNVUDAlMkZFZFNic1FKMllwcjJSTHdGTVBCbE1aSmFEWEpJaFVlUUc3VjVEN05QZDJlM2N0Mnk5QmtVejIlMkJIJTJGY2FxQ1ozem11WVJOSW1xR2F0NWJkY3lSMzglM0Q
.ctnsnet.com/	1970-01-20 18:07:45	Name: cid Value: e223e47d8cf44f1c8d4ace8202940424
.pubmatic.com/	1970-01-20 10:05:21	Name: SPugT Value: 1675329700
.csync.loopme.me/	1970-01-20 11:30:19	Name: viewer_token Value: fd99fec2-0469-4f74-8efd-68f16f9374fd
.yandex.com/	1970-01-20 18:07:45	Name: ymex Value: 1706865687.yrts.1675329687#1706865687.yrtsi.1675329687
.brand-display.com/	1970-01-20 18:58:09	Name: _knxq_ Value: 3f355975-3a9e-83c4-7508ceea.1675329701.0.1675329701.1675329701
.rfihub.com/	1970-01-20 18:43:45	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjM0NzQzNTGxMBPiM9QN9A2tysjOyyot0Q0BADq4CA0lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjM0NzQzNTGxMBPiM9QN9A2tysjOyyot0Q0BADq4CA0lAAAA
.rfihub.com/	1970-01-20 18:43:45	Name: eud Value: H4sIAAAAAAAA__vFyGtoZm5qbGRpbmBoamQIAHufirgQAAAA
.w55c.net/	1970-01-20 10:05:21	Name: matchopenx Value: 5
.w55c.net/	1970-01-20 10:05:21	Name: matchcasale Value: 5
.w55c.net/	1970-01-20 18:49:31	Name: wfivefivec Value: hn5p7HJA1PnvMN5
.pubmatic.com/	1970-01-20 11:31:45	Name: chkChromeAb67Sec Value: 5
.pubmatic.com/	1970-01-20 11:31:45	Name: DPSync3 Value: 1676505600%3A241_245_197_226_235_227_201_219_221
.ads.pubmatic.com/	1970-01-20 09:23:36	Name: pubsyncexp Value: 1675351302350
.adxpremium.services/	1970-01-20 11:31:45	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMjU1Mzg5NjExNDI5NjQzNjE3MCIsImV4cGlyZXMiOiIyMDIzLTAyLTE2VDEwOjIxOjM5LjU0Mzc1NzM1NCswMTowMCJ9LCJpeCI6eyJ1aWQiOiJZOXVBbnlCVkl1REtQM0V2bEdSSlJBQUFcdTAwMjYxMTc4IiwiZXhwaXJlcyI6IjIwMjMtMDItMTZUMTA6MjE6MzguNzA5NjE3NTYyKzAxOjAwIn0sInB1Ym1hdGljIjp7InVpZCI6IkREMkY3QjU0LUIxQTYtNDE3QS04OEYzLTdCQkM2QTJFRDAxOCIsImV4cGlyZXMiOiIyMDIzLTAyLTE2VDEwOjIxOjQyLjM4NjY4MTM3OSswMTowMCJ9LCJzbWFydHlhZHMiOnsidWlkIjoiN2U1ZmE4NDY2YzhjY2FiYmJmZDEyNDk4ZmM4NGE5NWU3ZjQxMzVjOTIzYzI1MzBhZmQyYjNhYWZlYjRmZmY5YiIsImV4cGlyZXMiOiIyMDIzLTAyLTE2VDEwOjIxOjM2LjExNTU2ODk3NCswMTowMCJ9LCJ2aWRvb215Ijp7InVpZCI6ImE2ZjM3ZjAxMjMwMTMwOTlhNTk1YmUyMjE3ZmM0MzVhIiwiZXhwaXJlcyI6IjIwMjMtMDItMTZUMTA6MjE6NDAuOTc4MjE3MTg2KzAxOjAwIn19LCJiZGF5IjoiMjAyMy0wMi0wMlQxMDoyMTozNi4xMTU1NjgzNDQrMDE6MDAifQ==
.creative-serving.com/	1970-01-20 18:43:45	Name: c Value: 1675329702
.creative-serving.com/	1970-01-20 18:43:45	Name: tuuid_lu Value: 1675329702
.creative-serving.com/	1970-01-20 18:43:45	Name: tuuid Value: 73c049c6-3250-4974-a3cf-191778b3d884

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html(Line 229) Message: Failed to decode downloaded font: data:application/font-woff2,
security	error	URL: https://s1.vnecdn.net/vnexpress/restruct/j/v406/eclick/egg_v1.js(Line 1) Message: Mixed Content: The page at 'https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://g.eclick.vn/iplocation'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECpZeJJSCM31Pt3bHF2o0ns&google_cver=1 Message: Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=dcd2b66185fcb9a2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e6f4cf1bc6a0874/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSnUMWjMbhjUgaSTW%2526gdpr%253D0%2526gdpr_consent%253D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=DD2F7B54-B1A6-417A-88F3-7BBC6A2ED018&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://vnexpress.net/kenh-dau-tu-nao-sinh-loi-tot-nhat-tu-covid-19-den-nay-4564117.html Message: The resource https://rumcdn.geoedge.be/7ee6f8d0-8e1f-4279-8e72-e7cdae388be6/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d15eeaaf8e1c7cb9cd5564124c201b6.safeframe.googlesyndication.com
3a5d6ae81e002caeda0eb340b39787f7.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
a1.vnecdn.net
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.turn.com
ad4m.at
adp.vnecdn.net
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
adx.adform.net
adxbid.info
am-trc-events.taboola.com
ap.lijit.com
as.ck-ie.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.indexww.com
cdn.taboola.com
cds.taboola.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
core.polyad.net
cpm.unibots.in
cr.frontend.weborama.fr
csync.loopme.me
d.adroll.com
d.vidoomy.com
d5p.de17a.com
d9d18169329477829e95730764e80a24.safeframe.googlesyndication.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
flo.uri.sh
fonts.googleapis.com
fonts.gstatic.com
g.eclick.vn
ghb.hb.selectmedia.asia
go.trvdp.com
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
gw.geoedge.be
gw.vnexpress.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
la2.vnecdn.net
la3.vnecdn.net
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
logperf.vnexpress.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mc.yandex.com
mc.yandex.ru
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
my.vnexpress.net
octopus-stream01-cads.fpt.vn
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
player.adtelligent.com
player.hb.selectmedia.asia
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
ps.vnexpress.net
public.flourish.studio
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rt.ad-score.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
rumcdn.geoedge.be
s.amazon-adsystem.com
s.company-target.com
s.eclick.vn
s.tribalfusion.com
s.trvdp.com
s.vnecdn.net
s0.2mdn.net
s1.vnecdn.net
s1cdn.vnecdn.net
sb.scorecardresearch.com
scdn.eclick.vn
script.4dex.io
search.spotxchange.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
select-d.openx.net
serv-selectmedia.com
simage2.pubmatic.com
simage4.pubmatic.com
sm1.selectmedia.asia
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.eclick.vn
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track-selectmedia.com
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
usi-saas.vnexpress.net
vcdn1-kinhdoanh.vnecdn.net
vid.vidoomy.com
visitor.fiftyt.com
vnexpress.net
widget.eu.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
g.eclick.vn
prebid-server.rubiconproject.com
1.55.119.42
104.103.89.173
104.18.33.19
104.18.36.94
104.36.113.107
104.36.113.68
104.96.145.246
111.65.248.177
111.65.248.197
111.65.248.206
111.65.248.229
111.65.249.130
111.65.249.131
111.65.249.224
111.65.249.226
111.65.250.2
111.65.251.2
13.227.219.63
135.125.163.79
141.226.224.32
141.226.228.48
141.94.161.158
141.94.171.212
143.204.215.5
143.204.215.89
147.75.85.234
15.235.15.221
151.101.129.44
151.101.194.49
151.101.65.108
157.90.40.26
159.65.196.12
162.19.138.119
162.19.138.120
162.19.138.82
162.19.80.92
172.217.18.2
172.64.151.162
172.64.154.237
178.250.0.163
178.250.2.146
18.156.195.47
18.192.227.159
18.196.123.254
18.66.23.210
18.66.23.213
180.148.129.21
180.148.132.197
180.148.132.75
180.148.134.72
180.148.136.107
185.106.140.18
185.183.112.155
185.184.8.90
185.29.132.241
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.79
185.80.39.216
185.86.137.132
185.94.180.123
185.94.180.126
193.0.160.129
195.5.165.20
198.47.127.20
199.127.204.147
2001:4860:4802:34::36
204.237.133.121
209.25.233.254
213.155.156.166
216.52.2.91
23.35.236.201
2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348
2600:9000:206f:1e00:4:b37b:9440:93a1
2602:803:c004:200::140
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700:20::681a:78b
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:4aa0
2606:4700:3031::6815:5dd2
2606:4700::6812:19ad
2606:4700::6812:372
2620:100:a005::6
2620:1ec:21::14
27.126.192.213
2a00:1450:4001:803::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200d
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2002
2a00:1450:400d:802::2001
2a00:1450:400d:802::200e
2a00:1450:400d:804::2003
2a00:1450:400d:807::2001
2a00:1450:400d:807::2006
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
2a00:1450:4025:401::9b
2a02:2638:1::13
2a02:2638::24
2a02:6b8::1:119
2a02:6ea0:cb00::2
2a02:fa8:8806:20::2040
2a04:4e42:200::300
2a05:d018:cc3:fe04:3cd4:fa83:9893:2f4f
2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
2a0c:5c81:5142::2
3.126.56.137
3.213.67.173
34.102.253.54
34.107.214.50
34.111.129.221
34.111.131.239
34.111.151.213
34.117.33.6
34.245.154.233
34.254.104.103
34.91.62.186
34.95.81.168
34.96.71.22
34.98.67.61
35.157.246.167
35.166.135.198
35.186.193.173
35.186.253.211
35.201.96.126
35.208.216.174
35.212.133.238
35.214.223.115
35.244.159.8
35.71.131.137
37.157.3.20
37.157.6.233
37.252.171.84
37.252.171.85
45.133.44.4
46.228.164.11
50.31.142.63
51.89.9.254
52.20.193.33
52.220.229.2
52.222.139.112
52.222.139.13
52.28.67.171
52.46.155.104
52.50.45.218
52.8.184.151
52.86.222.203
52.94.222.140
54.154.174.88
54.72.53.159
64.95.96.108
69.173.144.165
74.119.118.138
74.214.196.131
76.223.111.18
77.243.60.138
77.245.57.72
8.2.110.113
85.114.159.93
99.86.4.3
00102285db9623b3e892722351fc016242cff5029cda50229f8b046df3445cd0
01db3358ffc0673dc2b4758782280f27b194c1c4aae3be75f57911980d9048cb
032ed403adb0e7aa5713ffa387981497e4bf9b4d5235e4e6591be448245ae90d
039410a46f7f4d405d38ce3907032e779f8a754d91da5c86552818f2dddd259a
04380f376fb4116b7085221d87422e121462dcd44f85f87ce994da62b6d3f482
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054e866eb7575e69c6978967e03e09a9dfba6a7c31f3dc43c8431002fff9fef1
0556593d45f8d74694d7df220eaf221ebb780fa1341f22a05c908774eccd9e92
05a283a7fc7395ad09eac0a134c64e4ad727c1c0654339efbfc0e596608778ca
061a636fdff4669f54fc5e6b5c5e0d9790b7f081329160c23c48d3db05355d86
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c9a0d9e87599148a500fb8473b52879d21a47aea312621a3f8ec85099ff061
08a15d47817b82e0b6cf5ef24365f16f0b3f9402274ebd7924a4d4f33455839d
095fa7cceb9c3b41a5d4f2ae1915718c855a613036d36b3648be2618c585890d
098372943a3890980120d544cf3da77ae5220998eee484d143de9c08a76111c7
09d10d0ccfe4487ce5c7ea35626a2af092a85d8c99054de6086e62197ad178fd
09f3ec5183b04b62ede7114a143f533de3a332dbeaecbbdf7f4eafe89ac3c286
0a7794f4b541208ea1776b27417e4a048fce0ecf666da72b825f1f8fa883bf8a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ca701160a49e1c3e44f77b348b2c01eb50ffded4ba52fe0b716d783df516ef1
0cb0fd4e468302bb36d8d5545140a987ba3d75262e2660543be3fbf98284c324
1015fc63defe7455bf4ad13f8ad62b652c4438adc04d0fd4d83a51014e9f9455
119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506
11cbf1de684ccc55decac5a4295a95f8cf7d797e24c75592087f97c232a2528c
12964f62ce71e93c176f6c2b158a40dadbf03814a8af0b42aeb22476312a8565
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768
137fd5e0750a649483b68b5371a65c6e4f1f9f761edae1709e6be149e03f4fe0
15110734f6201b25e7556905a858a29ae978dff23322d20965d68207ae7e9b68
1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0
16e123faf1d73ea4576264677b3681e3f86c7ea0c25514ac5eab35ef326dd214
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19437f20ae68004c346fdc30f7976d17feaea4d211b04cba8ea3608b368ef3dc
19d225b14e230575ecc063488ffb9e456701ccd6757d2f0a0e49dbc6512fbe7d
19d7be25299976201093789505a7fd8a6684b63d5eb11cbf680604c542d9272b
1ab2ec3d41e851aa74e8b216a65811eb66c31e555b73dbff9e685c69e1700057
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d30ea9b600700b1e59d806ec05e949ef0fb78ce4cc3c056018da7990d1c2c90
1e6046369ce0d5de5c88f1eed3c92490a32ef94d305f8bb301549eb61d50abdc
1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924
20a771540e3bbd288f98e6344f8626a62329ed3aa0b6862bb489253704f8714f
20f291acaadfdcfe1b7fe74dd747ebc7d203563b7f5273dc29fb1176fffbfba3
212af3e250fccd144e4c944d50cb15b3db03ed4006b5f2f623b46af5c786f538
21b586df4ab69259bc47c8444944d45217fa16d8af32a4fb9ce07c47fb8048bb
22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f
22b227689b93e1ced3808e3e2e5e67f7a5093dd4452e58f43fe772a2fc7ca714
23955e8c0b88fc8d07e81abb57d8ec739559e8489f8a5b7f85ea10e737757f48
23e31349f7f219d77e986c095a9f77b7de022c3d94e7ee030881ea73db23c409
26347690a42de76f183305c56c8d2544d67a6a70defc5a86164953528e306fb4
2634fddc93acb7eb6cd6df1048a4181ab45ae4b2d6524e524d1b5e80f0aa914e
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5
294f23e399066488129f75c2f4c28b65972c093b8e77314e74030e3ea1760a18
29cffc611bf15732567d87d8ef7d39905e560b459c9a4ebf7263365186008bbf
2a1a6a2d8d70e8dac8bfea5200a1528c413ef71521e023432533c3e6701cf014
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b90449d72d176b940402f6f97e8587bc8e96c67e8b7d85bc1ca6e9278baa6a5
2c2c3d9887c9064b4635bd6e1dd3db0a3024a9ae2c1981d65cf3756ebb196b8b
2d8104a7a6319424f9e6321b7b76cd476c121fa8ec31d6171b421d1e7fc0cb36
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3112de4a5f3b2752d588a49e1761365b39074877c70a5ceeae6541409fe119d4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32253f400c1441b626d10a38021e603432b0f9dcc07d4ff8d4ee784af779bbb3
3268333640632d220439c08435b9d9ac6d1a5bc5f03a9aeced77f374a015e7fd
3478465773b4c316de39d941de1b81939c1846110198ff64f2fe0eca3f5cd5dd
34e96132a8d8fddaa732c169ff48c9851d3b28b8b37673bf7f0fb3ee239ca063
3529321f83e4e37cf72d41ba6cd8237463a89a6fd5415554c948b58defaea015
355f2368b6948f9c991398366a77dc4529239ba20d0e910a2d0bd221b45f5d74
35de43836b10b31e69db065b571c598efd4dbb173426246ec83d837844c30984
35ea7d34e1a52acb15024c19163c61f8eb19f1a8b343ee498dd6be011040651b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0
3807a2f696518bea1216bd274041aae2cbb9ba49dd63aec6afde7a37dad18a9a
384fd2ce3c15595fc058cb033000437080bb777a1567c8d63b42e445f15d37fd
38900f3fe5af840e2b4f119ff76430034c9955cc59c174a642ee82ac61d6fe0f
3bb12576184eb8a62b23fe8d023373a3c5065490ff1b343e2dfc361a702a623e
3c0c3559366209aa54bd95f5851d038d1f404cfcd2e7dfc2e095c0325c4a2d6a
3d38b61631757d0c79305382f761ad40cc2d443784ef27074ce64c51839e3703
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d8c114cbd9f0ed48579b7dfae450fbd98d38117b32b2425b60e8c4c3c3fb340
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f80d5f9ce4e4273e3dbdc43f418d37328216b79195165c14e65cc1c6ec34127
3f9ee93f37a18288ee42e6ec6af7186a78242043ff30b99712f1a4bde044b1e7
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4172333cd43faee1ccf45c6c95c3f3cb8bf0ae0b96da4ab0e1183dd3acd66295
419c738b818a3f2916ded575ddaa1bb10a646297cdf3dd9f1cb26ced593a31af
42e3da34691e3534a6906b65f079c00bbaa930376f8c46c188420e0479cc84c4
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4540c5e45b51da5e42e9e137807a2df75519a32cef405e6ea3dc1bcf02d8b526
464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba
4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aedfd8521b97f85801629a91636eac3db10625bd58d278ccd6d33e50555bca
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ae92596e207654c9980013b91f40cb28b6651916b6472892a85573932c134ec
4b87c46f909eecb9fcaeddca12dfda2c5b5f93e81985a6fc602679fee66c59ed
4bad618ab197f861f6927b55f2132ea72a12ed025d41fdf6bb806ecb4c8f7dde
4ca3911ffa3b058611f6be71b85a4be3c81a6daeb002c391801a25bf7377e225
4cff7e40a36a2101bc5c0c54c6251cff1b96a0e5d26b9fd40f23cbb7d072e50a
4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a
4de44eab29462e426981eca31a2e82331fbc494e64633889321a3b8db175527c
4df568201140559383e6d69be09d8b72f5a1f0af22a9c121e1c3f15e674891fd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50c610671f4eb4fbc4b59ccfb51f675a5753375b54a92ae09bdab34f0bf074fc
514d33c7b8367dc887e19256dafb8d80c63bb096e028fcc87de7416c4c420d3f
51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291
5239aa1193e7752a6967aa939eca477603942e20172df9145f6bace01dd64490
530752728a396ddcdd46e2a062834d6fdd475ad5199b9beab914088203fb1fac
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5420fc8b96e3c1839e484cd828339848f0ae4ace46bc7050064c0f9e1cd1381b
54333a32d0fc2c3d5d5f5e5f20c1c299f570b29919354a7c554ee00b13364390
5461ef0dfc6f5e08196bccf1e4b37b3d27c64f8c5201fd52922fb6d688147b60
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
56d46d5803e627e66010e676237a02fb0ffbc761763d14476b7e5adb3f9d541b
56f7ed2e698c537697f7c77a954b8b9e8f4f2eeb3b902ee773e1da4dc2a56675
56f9f67f1f0195ae76d9afdb44b0b9737185d460186ac73ed29cb77f161319cf
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7
5a7f104fbc5dd3238bff841a356e5aa72ab37b44c6e181be48b62affc6b183d2
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5ce57f5f6ca2d1aa3fadd5a76984b5228cc28820e628ac7fd3382eeba1e84865
5cf28dfcd67fd864cea7b615705eb2dcc9840531a31d6b30d322f6f04ba689ff
5d1fe77378f45e6b0522d91539de73b05da7aea0d7b17cc14658da74fe920cdc
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f0f2b86de84efed5be288eb4d18dca8ac1a879b763220b5ed1b8a9c490374dc
6067f8e24e6f3286af6419cda15d2c7aa3a5f75efc8f325f971182d464fb07f8
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636e34e0da2f1f67697ddc5b0ab2ed5bf0661571906e8abf3efbd762139a8dcd
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64fffe4a3746399ac999b2ee63f1d06314359db96fbbab98ab7a46a5aeffb1b1
660e1b0568c9de24d049a1e423af249c780a7f4751e6b6e2c02d5433149cc4ee
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
674adc1bd786348ee8221b18ddfb4e3531df5995fac4da44a4ad909b774ca646
68ba37484842d6afca1056ba46fae1051436633e6f92d33f8c62fcf034331b42
6933783fa307f2fcdb88121d0a5e4a4b48072a9e99d2d150e1ad3bb64b5b5237
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f
695cb3c4e114679048f0fa8ad52fa2a184b920657da62f51963a25796daa6bbb
6a3635b738942e18ec8334c67cffab35291250f192214221fbbdfcd1f366a2a7
6afce051761e9645b6414fdb2bd412e460662e65cb42d532d721535a5465b9fd
6bf4ab9e4759467809324709ab92224120f5d32c8f63e1c96ee65cae052d116f
6e0839c2fc964208d157d5582aa3629465196ad2d90b9aee7ba1a480d8ec40a5
6ec66550f21646e3d54c77ddf6186b47f927f63f7550ef4caeba523a409fa6f5
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
7064b5e20cfcc8922c59e8ab0de59b79f2bb1a73c55cac37353d29df7cd561da
713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017
718cc1c0dd6ce6d8f0b4598180f7b7712d88ee7c66fdb8bbc6998c398050b886
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72f72c9ca1e1846f22ebb87b36b7241191fe492ee74b6b2764da69fc2c70bbe9
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
75703b23c6052d82159c940464b9e794f4f86458f6a4e451f4f7ead35e9725c5
759d244982b4cb13b2af404e1874ce6df91da5052d9455e3fc123aa2a500a62f
765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d
770a5b74110559ebdd8bb15bc9fce215d604393b5366cedbbedaa3f15f66774e
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77a13543cccf522606dde792ef6dce3936ff4c4854796accdc998d48228837ce
783f3df68245db7a9c5bf199c37900265d429fda0be81f67f46d80c5aaa32ffd
7a0a183b048b79c5722e23da3dd4ae7576cc17b0d66c6ef6a94418a60ccbec82
7beb420b483c9ae3bccdbc188df07779991cd4c750ff44b2022ae4e92ef604cc
7c3f0d6cfe9f8fde34bf9653db1b256bd0601b91b14e6336dde2187396a16efe
7d1c81e5b7af69b12d8517442b333d58af1b93c5a6ca9d5ffa160f57a859f56c
7d678a09262162412b85ae5544a40f128b729b4ebe6c15b9bd5e1a4e8caceb98
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
7ec1f293c8d0ee9b950bead97d1639584421b055e539def9ecc3d54c8865fd3f
7ee90263745c1e250396cdedf42d6f3c6279ea5d1aee9e316d5b29bbb8318795
7f681cea0becaa16f6e34ba1a2725adf8754b45bf868b398c7f80f2dffc16d31
802b98f483664c8616ab4c571f37ae54c2bd6b7378f0f87c70f5aa740cdf44e9
8186433221b3dcac73149c2fbd31a272985591976a9c22106b67482ec80b6d82
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83812787b723e663725ffd403991c0629c26237b932dbb04dbe8e017cf1b523b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863016606095ee80bec9802da48ef003599574c8b1472e9030f6792bad4f2fc2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
880fc37f5a324b19d0624937dd1235625399588bebfe5c703930d6f3e1409285
89ab6431c0f972079c30c7f229d21560bee7002013224fca4b1f664c8956cc69
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89ebfc3d5a692b3490ded59577ec232b847274f6b811fea414cf69a2641203e3
8b2c903b0fd22ed715d260c54dfc473400185f163605e1281207e8edc797b32b
8b515a98367192794cc4980ab7d6ef75ed8d89628d5d8c7b8f69e806080ff65e
8c3327dc28e14abca86b8926a477cf8388e8d285f9e7de60e554115fce927102
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8d67a2cdd68f61737b34610b8edd7355a918b7b0606044e556ab782b2bc4550e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e112c1ce5ff7e0345a95a12df3f67ef53f69d37f7115a0e7783e2b168e69de4
8e8a2e0b0d47db632c09375a0aca004c7003030d1dec0df66a067d7388fab376
8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1
905ce5fca93c3ec68b0249199d073241e126f9faa6be36af861a56122665291a
90b93ecdd3dbfedd362d3b364266079417a68d8fd54ea3b618f82a6989b4d29f
9123ac173de088f56e3ebaccf98c4285e5e8190536e124f2ef4634106899b85d
92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae
9294ce85a85a187daad6822af5cda3809fa0bbd1b440c356cca7103548d13a83
929be4ed288c85a2fd199a9aa1d4fa4e1565909db2ac26626af7974aac62811b
92c5169362f92d33a5fdd7fa614f9b998fb55d103adba39c1564de1655ac5ce0
94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd
95e62ce77bf423c94d33734d2d711a496b3e2d601f5e13212a3744393ae004dc
96bb3f29f346b4a63c3fda29b74e69178648d731d4250768f21dcb6dc27b59ae
96c82191d0ed080343fcc43c53f802af79501b559ac51c4f8f3408794f72b514
97549a93e63d7b1fec27231f3ea6b5a7090d445fa52fe0a470831ae4ae2753c0
9773368f04feb86ea051955af8616720b0dce7dc2e822bdbd4dda657e0543be0
97c5a68624bddd615aff05b8ce8d78c14a05a867da2f0be13e6662fd9f2caf94
989c5f5243ddad3c8cdfdfb1b96124a7ecfa1b653a6d41a0dda14f5407209fa2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991905620a6b37a91e9154913ba2cbc55acfc8231b8eb80a6aae5ea2bd5f7307
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b56fa80445aa7b4fb7cad698e4c0f5a00ee843f42af2c31f4b55f02bde37b9d
9b7813bbbe3b9aeedd4199927426bcbefc21ec00c305838fa811339c4bba8bbb
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d
9ec00dddfa9ed84549c887466c81b94fdf284026900c0f7c139b3cfb1dcaaa19
9f8927332e6545a66e7cb5b9b72787a0027601d28e6d609819fde7921a7aabf1
a006951caeda5b31c1599aa1ebb91e452ddd15fe1589ce365a47c9d457f0edab
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f80da76887276bd6d3a21ed79714d2007997d140d6982b982b9342397604db
a1ef4735b12456b6f2a0c6ec2ed48dd431fb94e559be9d9fba2e2db4bc655d94
a32f86c403794215faf8aaeb2eb2aeba925e3a2409eabcd9ad6a46cd8d1ac4db
a3766fb87b2c8ed25f21f385eece51f43c4ae621e3205b534327bf344102c788
a38801d0d39b80e0a3b16fc8c04925e9d3e855332d5d4414aa76bac593fd6059
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55ca7d6304e8026e82b7eb97e9d1f62d0fe9241a1e05611b0c6280417190368
a5af3a3bde2a115fd5c59191c1641a1f88c2a3e1ecafad11406650bfdb684335
a619ae1c332145518f3ed463be52e3c71f63ecd71b0fdeae601b1878170005a9
a6681d0e699105ecd3934ea5bb45b63e48ae030cc626c3f036092033cbd5aa58
a6b657b03f09aca8c5e37bb301275e85f148aef254f87ad9a53936f9d5e655f7
a6d67f1609a53af7e6c53cb2178b20dd9ffa85eff3c35b7184d73273684e30eb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8b4e367cf083cf5801fbc13aab544dbe3374f9b6fd7393df675667a09591e45
aae43dd0c04b36d5500a355226c4689f1043be79e39b96c2c1aa2471203bbcd9
ac89d7e4b7c14d902ef5f62dd07f8d1ff2db26b27eccecceb573b6961f9958b3
aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152
aca8dd75c90a818d252ce079931352de2b26142e83163c98c7a64e1a16edf5b0
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aebf010cf3503db862eb22610bc84f1d2f0b174bac152f1e654e73fe9ead91ee
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef011e8998c8833945ef2f6ab2c88d66136ab80c33ad978beaa21c9c7933b59
afd9efdaf2a058efe61f9f1bd8e4d4546ca08d56446779e4cd2199a68548fb4b
b024f0fb2fd9d8fb3f473a214bc777b6421b651a0fe18dcd04295a08da687c7b
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24ba59c742394e93e2e36f96f656da2c2141a082ace1e3a71873fc755cb050a
b2ded7fe96b84bcd4bd4c423e259aa64f9d9d3acf02457288a6c0f862e36ace8
b36f0959b41de057e722916bd5cef713ff770a472797e5869e07fa594c2ef39d
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
b49dbd1478226923c5e7a7d5288d5927f0a6d6fcc02ac769f51ef223fdbc3dca
b5163676c9199b668acfcbda386da55d52ead0ced94740e2f15ee38135e6a829
b549413d338bbf4f013cf790218ee9230c8a5d8089b5bf6f16538405c7c383c6
b69e79b0a86909814b5e421bb7dab8c697c1ff2c2327a55295a4bd17792306b6
bafa57e61498861380e6a5faf365152043ed1c6e3bab985dbda8d1f8049c29a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba206c3e8428e38d318e1f9fc25739a21eceff446d32e4820ec06384db031d7
bc1db64abea939caaf19587e4f03ed00348261f4897fce4de89254a170858bf6
be6695f912b24456df12e45909353ad53d21ce4f29c76eedd23fb22940ab9a67
c087998dab408d9dfb6df202fb80e3e7d7a885e7d961d7c536dd39fec5628ff4
c0fc796f3db3e151622a454de9fbd730f643055048ec429b9dd1492509a5432a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1520e3c95303a92140b5d502147a46a2f2823ed7914bba1897395c0ba036941
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2864bf3ca82a5e7f9cc6e96e40dc32665faea6bb959d04686ba2155ccba3c29
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3263042f6ebac63519ecdec6d8b241cd40abb309125f17b7044a7d8f8bb2a18
c33b72081b11e2cdb68016efeb7a0568a8e22cefa95291636bcea5693ea37df5
c4d163a380f9580a18ebc0f30c69f913f5fa2adea7bfa345503e851a10f561c7
c5685d282087ffa8a3291a2e52a09daeef87c017c787b14e1253bfc3127f0d1e
c5f617b19f81c10606962b0976952f582cfea4561d00e1986d618d14bee10901
c65de6dd961fcf526151ba40e7a2326547321f4aafbf181354b3c5607f8dc733
c72fd8f3c7b6be1a9ae192dedd5500eff623bfc480eab45320ed0d374abdf540
c76138c42d5fa05bf780b452a1beb598e7b80c06fb79431ceed88d98fce5c199
c7f908193dad81c49b881987efc371144d301ae87ba387401f21fc96456d3578
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
c8c714a9c23a9bfbe6547715924222b653a606199dd7f0b516f2d3aca840df50
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c9d1030be753873dbf9c353c21a26d0dbaf705ed62c9c7d5c0259c730605ccbc
cb9db5f79e13296dd36ef794d020cc111e1414c9d9cb390542198ed73cd466e0
cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8
cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958
cdf3b4544ade7f5415c184cb0067c75c928b2dd800edf4113c14dd864a2ab487
ce446ee3dc543744d895593789ad4dd01c2f64caf5749a5cc5decc4c3b8bfe1c
ce4481bf9fd1c72aa0abe9d6ba0a9702f246568dd4891878e70dc860c453392b
ce8822512bd165823c5bcf135749d738d43705b6b9efa63da4b384b56da9a5fe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffa87f7587b28bdeb17abd5bed81737fae74be6c4ea7d00cd6257cf376a0a2e
d0493e9333839cba82d152ee5c8ef6e9be07c9a69bcb471abd47d9742db10431
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1720d8022d633ca297a9c5610c993c4c5f83a1fa432fd609aeadc137029245d
d1d10d2379b8cd4235c49be2be4aecb8d2fc58b39466dbc7a91574911b44df7a
d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495
d30d5a15f01d0bf1d2eceda161aad30112be19ba8e5fbd1f1b65b15e32542b47
d73b8f66df359abc961d9d9c8b77387638dc2e9267d6ce6ea74f64e6c3f41c0a
d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6
d980075cb998187e680e4e95af826439b328b107c131eb3b8f8ee1f674f4de1f
dab37561c8eb7ed6a9b35829478d573844df36302429c3a50d512bb8e07c190a
dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468
dcba6e21d3d0a00fee01da76b7a2e00c29ec76de4b80ef11e88f5114181c28a5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df16100b69ba78ccf7b7d734ea78814b64992f7479564ba0029528c68eca5ea4
e05c8cf0a28d9efaa056de23a6b12a4c59dd8407429137ed595603d7deb637ca
e14bdbd3df3cebece996ccbf85bcea526ae942882d200ad73916f987c6e84982
e28ec9fe062b035599c349c0dde0982b0bbcc38f726f41b5bb3b886e29df402f
e2dd012ca744583da20cc55879eafa5fbd9ad2a4d45bbb3a5bc022ff9bf0cb73
e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd
e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3aba9a2da1ad7462c294983680c33427cd3abfca866883fc310d331ba94aa
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
e4227eced391a5b824e808efb4e64bc417707e04e7f4e5354fde9b1b8af970ac
e4bdef16257955b0201cbb6e8063efc6642b751644e790b02297f5ee6975f119
e5041094c25edcd5cf33be262bd3f8713568213f47911119a5c81c197f1551ee
e60fa42c67205cc4d3a116f3770a99c845e9886cfee52a6a74ed269f74746f81
e62a91c3692d1e66041b2ba675f8a41f01ffee742c5a5f4f80ee96406e12cba3
e7d4ff21f4c020c56a7568685163cf665eb1d5331a781180fe1d9520bd9b447b
e7d5986fc7bd4b31a1d4efe6f0ef42cf42b1a2a2be6c88839c6e0c968fae30d8
e88177ad34825f0b1737c4a796c70f7215d618e3e9eb2708bbcf4344adc03d51
e8cb0d7e83c435a7d8eb0d1f980eba0e46f88acaab19a3545486fb3e51dbe5bc
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea042675c5c4aba204553ff3c3b54c8c63f682da9b2ab280e4ebffca9009f906
ea4741057abb2afb4ab60ab26cd6bb192a32fb86694418d1354a84aac5ee79fe
ea4775119582ebe1d3b68c6666306f7061fed1b88c2c6b7cfd944450a5efd925
ea8e85717334b474e5b07877b0a27dc9e673e1a907230007d974d28b326fdde2
eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b
ec3d08f950ab1d6d5e3108a5408c596df3ed7455db65d82a9e927a20279444ac
eccf84706d9dcef069677ae87d019db02a68710e9a09f1156ffd1b6f0eec2fc4
ed27a1a9e245e9eef8e661e586063ed23638888ef2876eeb418a7a5d4c1fceb3
ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db
ee460bbdea3bf5ac7619a9710f4fb99e02e914de9896213c44a03de58fc112cb
ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efde7dd73300d8b31e7a2c1ed2e2c47f97a8403a0adfc12cb74a38785afac197
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f12aec86d620097c1f209b45ce24d3fe83530753c734437d28eb73e98ed9b77a
f1b0dd35272bbdce305b1f897b2f7cacff05f76c7aebc3607f90ee85fcdb1217
f1cb3b41e848a8552af2dc9475724bffbdcf6432cc0f8c037df9d44869fe4558
f21fd7e2e301760daf41de604003df69d5955858eababfb499d7d137f764a0a6
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f3147e19d405d567f9ee51f7261d798b2a649598a2ecc3ae80378729b47ac491
f3a830916966786ee3b6c0e76353c983fb4dca7aa3e48dea8373f1f6959cb9ed
f56dee178c034a8c543610ecd85a7e7492c406c0701e64bb60876858cb6ef29c
f5bc43f1bf8231a1aaa776dbe00f8d7c01b3d8ce81ae0dbec887baf0acdfd1b4
f661d058ce83c10c34c0f43880858e37c052cfc33ac817b0f52d3c12740b1052
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f69d003ea553ac3e670195e9e2ad3cbfee34ea9a2878ef3584f9c7c88be07310
f7724cda0ca9bde83c679a7a753b3e694368c258509d8fb3d1cbac60164e9ad4
f926528eb40fde5414074e03e9ffe3b53edd73999cc6a02c20bea9fded156a34
f9b19ed3646245ca5ee89c9816ce6a83edcd2e979c11867213dd8ccbe08fc2f3
fa70a5530da74558842e2654ddc7a1c9ec51d15845529a76256ab0d1470cfedd
fb91146c3755b4b4377abee590e05a2d2ece4532fdeb87df870112333330b701
fc792e72b748dca1ea6bfa01e071f8cae61046c81a49f0727ef39d4e5e03a576
fd96c2e13e99447a8c8ceec2218c2aef2df2417359ba20748d3eb10f62bb8f89
fdcd9aae128d1a3ec47dcd52f6d89f2227f6bd86714e053513a4ecdee60f8e24
fe03c2341a57b7f908b7d4fddb609927a5047970ac0b274e6f58390d8ebe24ad
fe728663ede3fae6441ace72b929ac6661d5b28e167ca81cd8209f5a4a4ede73
fefa3e44148fa1c07e640123a9c481b8b0f6605ce078a509d6486986b56546cf
ff605a73cba2b89a2def6a3d60c292b19fc9a347f0ea031ec028fbadc7e7121e
ff8e854dad325d8864dac7080788482bd051eec2c66c2b1d01e20c6d79196db9
ffab9d963be9195d80a4893d07fdc58473ea76b9f6e939f2632e872ae367365b

vnexpress.net Open in urlscan Pro 111.65.250.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

961 Requests

87 %HTTPS

25 %IPv6

105 Domains

194 Subdomains

136 IPs

16 Countries

15931 kBTransfer

45234 kBSize

152 Cookies

46 Outgoing links

Redirected requests

961 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vnexpress.net Open in urlscan Pro
111.65.250.2 Public Scan

Screenshot
Live screenshot

Full Image

961
Requests

87 %
HTTPS

25 %
IPv6

105
Domains

194
Subdomains

136
IPs

16
Countries

15931 kB
Transfer

45234 kB
Size

152
Cookies

961 HTTP transactions
17 data transactions